Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
By Douglas Coburn - Sep 13, 2024
django-bot-crawler-blocker
Advanced tools
django-bot-crawler-blocker
A Django app to block the IP addresses which sends too many hits to your application
- 1.0
- PyPI
- Maintainers
- 1
===== django_bot_crawler_blocker
This is a simple Django app to block the IP addresses which sends too many hits to your application. You can decide the number of hits that are allowed per IP address in defined time.
Quick start
-
Add "django_bot_crawler_blocker" to your INSTALLED_APPS setting like this::
INSTALLED_APPS = [ ... 'django_bot_crawler_blocker', ]
-
Add 'CrawlerBlockerMiddleware' to your middleware classes in settings.py file::
MIDDLEWARE = [ 'django_bot_crawler_blocker.django_bot_crawler_middleware.CrawlerBlockerMiddleware', 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ]
'CrawlerBlockerMiddleware' can be and should be first middleware as we need to make sure IP check is the very first thing in processing request.
-
If cache settings are not defined in your settings.py file, then you need to add below lines to your settings.py file::
CACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.db.DatabaseCache', 'LOCATION': 'cache_table', } }
Make sure you have database settings configured. Run the below command to create cache_table in database::
'python manage.py createcachetable'
You may choose whatever cache backend you want to use.
-
(optional) Set variables in MAX_ALLOWED_HITS_PER_IP and IP_HITS_TIMEOUT in settings.py file::
MAX_ALLOWED_HITS_PER_IP = 2000 # max allowed hits per IP_TIMEOUT time from an IP. Default 2000. IP_HITS_TIMEOUT = 60 # timeout in seconds for IP in cache. Default 60.
To test on local system, set these values to very low, e.g. IP_HITS_TIMEOUT = 30 and MAX_ALLOWED_HITS_PER_IP = 2. Restart the server and send requests frequently. After two requests you will start receiving 403 error. If not defined in settings file, default values will be used.
-
In case of any query or issue, please feel free to reach out to me. Email provided in MANIFEST file.
FAQs
A Django app to block the IP addresses which sends too many hits to your application
We found that django-bot-crawler-blocker demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
The Wildcard Gamble: Understanding the Risks of Floating Dependency Ranges in npm
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
By Sarah Gooding - Sep 13, 2024
Security News
New Rust RFC Proposes Adding Support for Trusted Publishing to Crates.io
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.
By Sarah Gooding - Sep 12, 2024