Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
This is a Django app that implements IP-based blocklisting. Its BlocklistMiddleware
performs the blocking, and its clean_blocklist
management command deletes entries which have satisfied the cooldown period. Entries also have a reason
field, used in reporting. There are utility functions to add/remove IPs, an admin, and several management commands.
This app is primarily for situations where server-level blocking is not available, e.g. on platform-as-a-service hosts like PythonAnywhere or Heroku. Being an application-layer solution, it's not as performant as blocking via firewall or web server process, but is suitable for moderate traffic sites. It also offers better integration with the application stack, for easier management.
The PyPI package name is django-blocklist
; add that to your requirements.txt
or otherwise install it into your project's Python environment.
Add "django_blocklist" to settings.INSTALLED_APPS
Add "django_blocklist.middleware.BlocklistMiddleware" to settings.MIDDLEWARE
Run python manage.py migrate
to create the django_blocklist_blockedip
table.
Add IPs to the list (via management commands, utils.add_to_blocklist
, or the admin).
Set up a cron job or equivalent to run manage.py clean_blocklist
daily.
Django-blocklist includes several management commands:
clean_blocklist
— remove entries that have fulfilled their cooldown periodimport_blocklist
— convenience command for importing IPs from a fileremove_from_blocklist
— remove one or more IPsreport_blocklist
— information on the current entriessearch_blocklist
— look for an IP in the list; in addition to info on stdout, returns an exit code of 0 if successfulupdate_blocklist
— add/update IPs; --reason
and --cooldown
optional; use --skip-existing
to avoid updating existing recordsThe --help
for each of these details its available options.
For exporting or importing BlockedIP entries, use Django's built-in dumpdata
and loaddata
management commands.
You can customize the following settings via a BLOCKLIST_CONFIG
dict in your project settings:
cooldown
— Days to expire, for new entries; default 7cache-ttl
— Seconds to cache the list of blocked IPs; default 60denial-template
— For the denial response; an f-string with {ip}
and {cooldown}
placeholdersThe report_blocklist
command gives summary information about the current collection of IPs, including how many requests from those IPs have been blocked. See the sample report for more.
The utils
module defines two convenience functions for updating the list from your application code:
add_to_blocklist(ips: set, reason, cooldown)
adds IPs to the blocklist (reason
and cooldown
are optional)remove_from_blocklist(ip: str)
removes an entry, returning True
if successfulFAQs
A Django app that implements IP-based blocklisting.
We found that django-blocklist demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.