dustinmoris
commented
4 years ago Hi, the Firewall already logs unauthorised requests by default. You just need to turn on the log level to "Warning".
Also if you turn on the log level to "Debug" then you get a lot more diagnostics, which are normally useful for diagnosing an issue or testing certain rules.
Hope that helps, I'll add an entry to the README about the warning log level!
It would be great if we could log the request from a blocked IP. This is great for analytics, forensics and also to see if perhaps there are some other IPs we should consider allowing (through log analysis). Perhaps ILogger can be injected into the middleware constructor.
Perhaps pass an options via an Action<> param.... i.e.
app.UserFirewall(opts => opts.EnableLogging = true);and/or
var opts = new FirewallOptions(); app.UserFirewall(opts);