esune
commented
10 months ago @ShellyXueHan @mitovskaol @NickCorcoran: is there any tool the Platform team is using for this purpose and we should look into?
c.c.: @WadeBarnes
Open esune opened 10 months ago
esune
commented
10 months ago @ShellyXueHan @mitovskaol @NickCorcoran: is there any tool the Platform team is using for this purpose and we should look into?
c.c.: @WadeBarnes
esune
commented
10 months ago BCGov API gateway: https://bcgov.github.io/aps-infra-platform/guides/owner-journey-v1/
Our Solr search engine is being hit by (unknown) services that appear to be hosted on a broad/unpredictable range of IP addresses. Caddy does not provide a good method to manage block lists, and while moving to NGINX is possible, it creates extra work to migrate the deployments AND maintain the block lists for a quick-changing set of IPs.
We should look at tools that would allow us to insert an externally-managed layer responsible for filtering requests coming from undesirable addresses (e.g.: botnets) and that could be reused for our other services as well.
A first step is talking to the Platform Services team to get input on options other BCGov projects are using.
Acceptance Criteria: