This is a Django app that implements IP-based blocklisting. Its BlocklistMiddleware performs the blocking, and its clean_blocklist management command deletes entries which have satisfied the cooldown period. Entries also have a reason field, used in reporting. There are utility functions to add/remove IPs, an admin, and several management commands.
This app is primarily for situations where server-level blocking is not available, e.g. on platform-as-a-service hosts like PythonAnywhere or Heroku. Being an application-layer solution, it's not as performant as blocking via firewall or web server process, but is suitable for moderate traffic sites. It also offers better integration with the application stack, for easier management.
The PyPI package name is django-blocklist; add that to your requirements.txt or otherwise install it into your project's Python environment.
1. Add "django_blocklist" to settings.INSTALLED_APPS.
2. Add "django_blocklist.middleware.BlocklistMiddleware" to settings.MIDDLEWARE.
3. Run python manage.py migrate to create the django_blocklist_blockedip table.
4. Add IPs to the list (via management commands, utils.update_blocklist, or the admin).
5. Set up a cron job or equivalent to run manage.py clean_blocklist daily.
Django-blocklist includes several management commands:
clean_blocklist — remove entries that have fulfilled their cooldown period
import_blocklist — convenience command for importing IPs from a file
remove_from_blocklist — remove one or more IPs
report_blocklist — information on the current entries
search_blocklist — look for an IP in the list; in addition to info on stdout, returns an exit code of 0 if successful
update_blocklist — add/update IPs; --reason and --cooldown are optional; use --skip-existing to avoid updating existing records
The --help for each of these details its available options.
For exporting or importing BlockedIP entries, use Django's built-in dumpdata and loaddata management commands.
You can customize the following settings via a BLOCKLIST_CONFIG dict in your project settings:
cooldown — Days to expire, for new entries; default 7
cache-ttl — Seconds to cache the list of blocked IPs; default 60
denial-template — For the denial response; an f-string with {ip} and {cooldown} placeholders
The report_blocklist command gives summary information about the current collection of IPs, including how many requests from those IPs have been blocked. See the sample report for more.
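The three settings above interact in ways worth seeing concretely: a cooldown decides when clean_blocklist drops an entry, cache-ttl bounds how long an add or remove can take to be enforced, and the denial template is filled with the blocked address and its cooldown. The following is an added illustration written for this page, not django-blocklist's own code; the BlockedIP stand-in, the CachedBlocklist class and the use of str.format for the template are assumptions made for the example, and the sample entries are constructed.

```python
"""Model of django-blocklist's cooldown, cache-ttl and denial-template settings.
Added illustration only; none of these classes or functions come from the package."""
from dataclasses import dataclass
from datetime import datetime, timedelta
import ipaddress

# Assumed defaults, mirroring the README: cooldown 7 days, cache-ttl 60 seconds.
BLOCKLIST_CONFIG = {
    "cooldown": 7,
    "cache-ttl": 60,
    "denial-template": "Blocked: {ip} is on the blocklist for {cooldown} days.",
}


@dataclass
class BlockedIP:
    """Constructed stand-in for one django_blocklist_blockedip row."""
    ip: str
    last_seen: datetime
    reason: str = ""
    cooldown: int = BLOCKLIST_CONFIG["cooldown"]  # days
    tally: int = 0  # requests blocked so far, as used by report_blocklist

    def expires_at(self):
        return self.last_seen + timedelta(days=self.cooldown)


def is_expired(entry, now):
    """An entry has fulfilled its cooldown once `cooldown` days have passed since last_seen."""
    return now >= entry.expires_at()


def clean_blocklist(entries, now):
    """What the clean_blocklist command does conceptually: split entries into kept and expired."""
    kept = [e for e in entries if not is_expired(e, now)]
    removed = [e for e in entries if is_expired(e, now)]
    return kept, removed


def render_denial(template, entry):
    """Fill the denial template. str.format is assumed here: a literal f-string in
    settings.py would be evaluated at import time, before any IP is known."""
    return template.format(ip=entry.ip, cooldown=entry.cooldown)


def canonical(ip):
    """Normalise an address string (e.g. 2001:db8::0001 -> 2001:db8::1); None if invalid."""
    try:
        return str(ipaddress.ip_address(ip))
    except ValueError:
        return None


class CachedBlocklist:
    """Models the cache-ttl setting: the set of blocked IPs is reloaded from `loader`
    at most once per `ttl` seconds, so an add or remove can take up to ttl seconds
    to take effect in the middleware."""

    def __init__(self, loader, ttl):
        self.loader = loader          # callable returning the stored IP strings
        self.ttl = ttl                # seconds
        self._ips = None
        self._loaded_at = None

    def blocked_ips(self, now):
        stale = self._ips is None or (now - self._loaded_at).total_seconds() >= self.ttl
        if stale:
            self._ips = {canonical(ip) for ip in self.loader()} - {None}
            self._loaded_at = now
        return self._ips

    def is_blocked(self, ip, now):
        ip = canonical(ip)
        return ip is not None and ip in self.blocked_ips(now)
```

Two consequences for operators follow directly from the model: an IP added with update_blocklist may keep getting through for up to cache-ttl seconds, and one removed stays blocked for the same window, so a low cache-ttl trades database load for faster enforcement; and expiry only happens when the clean_blocklist cron job actually runs, so entries past their cooldown remain blocked until it does.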
The utils module defines two convenience functions for updating the list from your application code:
update_blocklist(ips: set, reason: str, cooldown: int, last_seen: datetime) adds IPs to the blocklist (all arguments except the set of IPs are optional)
remove_from_blocklist(ip: str) removes an entry, returning True if successful
FAQs
A Django app that implements IP-based blocklisting.
We found that django-blocklist demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
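As an added example of the application-code usage that the utils section above describes (this is not django-blocklist's own code), the tracker below counts failed logins per source address and hands an address to utils.update_blocklist, with a reason and a cooldown, once it crosses a threshold. The threshold, window and one-day cooldown are assumptions chosen for the example; the Django signal hook uses the real user_login_failed signal and the update_blocklist signature given on this page, and is imported lazily so the counting logic can be exercised without Django installed.

```python
"""Feeding django-blocklist from application code: block an IP after repeated
failed logins. Added illustration; threshold, window and cooldown are assumptions."""
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone


class FailedLoginTracker:
    """Sliding-window counter of failed logins per source IP.

    The counter lives in this process only (an assumption of the example); a
    multi-process deployment would keep it in the cache or database instead.
    """

    def __init__(self, threshold=5, window=timedelta(minutes=10), cooldown=1, block=None):
        self.threshold = threshold
        self.window = window
        self.cooldown = cooldown          # days, passed through to update_blocklist
        self.block = block or self._real_block
        self._failures = defaultdict(deque)

    @staticmethod
    def _real_block(ips, reason, cooldown, last_seen):
        # Imported lazily so the tracker can be used and tested without Django.
        from django_blocklist.utils import update_blocklist
        update_blocklist(ips, reason=reason, cooldown=cooldown, last_seen=last_seen)

    def record_failure(self, ip, now):
        """Record one failure. Returns True when this failure pushes `ip` over the
        threshold within the window; the IP is then blocked and its counter reset."""
        if not ip:
            return False
        recent = self._failures[ip]
        recent.append(now)
        while recent and now - recent[0] > self.window:   # drop failures outside the window
            recent.popleft()
        if len(recent) >= self.threshold:
            reason = f"{len(recent)} failed logins within {self.window}"
            self.block({ip}, reason, self.cooldown, now)
            recent.clear()
            return True
        return False

    def connect(self):
        """Hook the tracker into Django's user_login_failed signal.

        Assumes the client address is in request.META['REMOTE_ADDR']; behind a
        proxy or PaaS router that is only true once the proxy is configured to
        pass the real client address through, otherwise the proxy itself is counted.
        """
        from django.contrib.auth.signals import user_login_failed

        def handler(sender, credentials, request=None, **kwargs):
            if request is not None:
                self.record_failure(request.META.get("REMOTE_ADDR"), datetime.now(timezone.utc))

        user_login_failed.connect(handler, weak=False)
        return handler
```

Calling FailedLoginTracker().connect() from an AppConfig.ready() method is enough to wire it up; the blocked address then stays on the list for the given cooldown until clean_blocklist removes it, or until remove_from_blocklist is called for it explicitly.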