michalmuskala / plug_attack

A plug building toolkit for blocking and throttling abusive requests

Unable to hit the rule #25

Closed enkr1 closed 1 year ago

enkr1 commented 1 year ago

I am trying to block people from accessing some blacklisted extensions and routes.

I am following this article https://www.paraxial.io/blog/throttle-requests

This is my config:

# router.ex
pipeline :plug_attack do
  plug(MyApp.PlugAttack)
end

scope "/", MyAppWeb do
  pipe_through([:browser, :plug_attack])

# application.ex
@impl true
def start(_type, _args) do
  children = [
    {PlugAttack.Storage.Ets, name: MyApp.PlugAttack.Storage, clean_period: 60_000},

# plug_attack.ex
defmodule MyApp.PlugAttack do
  use PlugAttack

  @list_blacklisted_extensions [".env", ".php", ".jsp"]

  # Blocks IPs on spamming blacklisted extensions
  rule "throttle spam requests", conn do
    IO.inspect("throttle spam requests") # This line can't even be hit
    if conn.path_info
       |> Enum.map(&String.contains?(&1, @list_blacklisted_extensions))
       |> Enum.member?(true) do
      IO.inspect(conn, label: "[DEBUG] PA conn")
      throttle(conn.remote_ip,
        period: 60_000,
        limit: 10,
        storage: {PlugAttack.Storage.Ets, MyApp.PlugAttack.Storage}
      )
    end
  end
end

I tried to run curl -v -k http://localhost:4000/admin/indice.php, but I could not see any logs of "throttle spam requests" in my terminal ...

Hope anyone out there could help me with this please.

Many thanks for considering my request. ❤️

Best wishes, Jing Hui PANG
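
Phoenix runs a router pipeline only after a route has matched, so a request for a path with no route never reaches plugs listed in `pipe_through`, while endpoint plugs run for every request. The following is an added example, not code from this thread or from the plug_attack project, that plugs the same rule into the endpoint ahead of the router; `MyAppWeb.Endpoint`, `:my_app` and the helper `blacklisted_path?/1` are assumed names, and the storage child from `application.ex` above is assumed to be started.

```elixir
# lib/my_app_web/endpoint.ex (assumed module and otp_app names)
defmodule MyAppWeb.Endpoint do
  use Phoenix.Endpoint, otp_app: :my_app

  # ... the application's other endpoint plugs stay where they are ...

  # Endpoint plugs see every request, including paths such as
  # /admin/indice.php that match no route in the router.
  plug MyApp.PlugAttack

  # The router comes last; a pipeline listed in pipe_through is only
  # invoked once one of the router's routes has matched the request.
  plug MyAppWeb.Router
end

# lib/my_app/plug_attack.ex
defmodule MyApp.PlugAttack do
  use PlugAttack

  @blacklisted_extensions [".env", ".php", ".jsp"]

  # Throttles clients that keep requesting blacklisted extensions.
  # Note: behind a reverse proxy, conn.remote_ip is the proxy's address
  # unless an earlier plug rewrites it from the forwarded headers.
  rule "throttle spam requests", conn do
    if blacklisted_path?(conn.path_info) do
      throttle(conn.remote_ip,
        period: 60_000,
        limit: 10,
        storage: {PlugAttack.Storage.Ets, MyApp.PlugAttack.Storage}
      )
    end

    # A rule that returns nil makes no decision and the request continues.
  end

  # Hypothetical helper: true when any path segment contains one of the
  # blacklisted extensions (same test as the rule in the post above).
  defp blacklisted_path?(path_info) do
    Enum.any?(path_info, &String.contains?(&1, @blacklisted_extensions))
  end
end
```

With this placement the `:plug_attack` pipeline in `router.ex` is no longer needed.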

ghenry commented 1 year ago

Hi @enkr1

Did you resolve this?

Thanks.

enkr1 commented 1 year ago

> Hi @enkr1
>
> Did you resolve this?
>
> Thanks.

I resolved this issue (DoS attack) by integrating a proxy server!

Wanted to use this plugin but I had too many errors so I just gave up.