search

dustinmoris / Firewall

ASP.NET Core middleware for IP address filtering.
Apache License 2.0
220 stars 36 forks source link

Question #5

Closed abomadi closed 4 years ago

abomadi commented 5 years ago

is it possible to protect a specific api's using filter ? also all the requests are coming from cloudflare too

dustinmoris commented 5 years ago

Hi, yes you should be able to limit an API to calls from Cloudflare only and custom rules, such as:

app.UseFirewall(
    FirewallRulesEngine
        .DenyAllAccess()
        .ExceptFromCloudflare()
        .ExceptWhen(ctx => ctx.Request.Path.Equals("<some-path>")));
abomadi commented 5 years ago

@dustinmoris oh what i meant i need the opposite, white listing specific api's based on ip, or u mean i can build a filter and add it as a rule too ?

dustinmoris commented 5 years ago

@abomadi Yes you should be able to build custom filter rules for that. You can build a filter which checks the resource of your API and then loads a list of whitelisted IPs which should be allowed to access that resource.

The ExceptWhen filter is a function which takes in a HttpContext and should return abool - true or false depending if the request should be allowed to continue or not.

If you build a resource based whitelist filter in a generic way then feel free to submit it as a feature PR. I would accept this feature as it might be useful for others too!

dustinmoris commented 4 years ago

I assume this has been answered, but feel free to re-open if something didn't make sense.