django-request-filters
Advanced tools
django-request-filters is a package developed for django to detect and block the users those are using VPN, Proxy, TOR or Relay.
This package uses vpnapi.io API to detect the status of the user's IP address.
Use pip to install from PyPI:
pip install django-request-filters
Visit vpnapi.io and create an account and obtain your API Key.
In settings.py add the variable VPNAPI_KEY and set it's value to your API key obtained in step 1.
VPNAPI_KEY = 'Your vpnapi API key'
Add a view that will display to the users when they have blocked (optional setup): If you want to show your designed page to blocked users, you can follow this step.
Define a vew function:
# For example we defined a view function in views.py
from django.shortcuts import render
from request_filters.decorators.ip_check import exempt_IPCheckMiddleware
@exempt_IPCheckMiddleware
def blockView(request):
return render(request, 'block_view.html')
As we must need to display the view function to blocked users, so the exempt_IPCheckMiddleware must be used in that view function.
Add the path of the view function in settings.py:
IP_BLOCK_VIEW = "app_name.views.blockView"
If you do not defined any view function for blocked users, then by default it will show a simple HTML page contains a text "We can't allow your request, because you are using VPN or Proxy or Tor or Relay." with status code 418.
Add additional settings in settings.py (optional):
BLOCK_VPN (optional default: True)
If set to True all the users want accessing the site with VPN will be disallowed.
If set to False, users can access the site using VPN.BLOCK_PROXY (optional default: True)
If set to True all the users want accessing the site with Proxy will be disallowed.
If set to False, users can access the site using Proxy.BLOCK_TOR (optional default: True)
If set to True all the users want accessing the site with TOR will be disallowed.
If set to False, users can access the site using TOR.BLOCK_RELAY (optional default: True)
If set to True all the users want accessing the site with Relay will be disallowed.
If set to False, users can access the site using Relay.Use MIDDLEWARE to block the anonymous users (i.e. those are using VPN, Proxy, TOR or Relay) to access all the view function (i.e. all the requests).
'request_filters.middlewares.ip_check.IPCheckMiddleware' into MIDDLEWARE.MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
.....................
.....................
'request_filters.middlewares.ip_check.IPCheckMiddleware' # We have added this new middleware
]
Exempt from some view functions
Adding the middleware will block the anonymous users, so that those users can visit any views.
If you want to allow anonymous users to visit only some specific views, you can do that by using the exempt_IPCheckMiddleware decorator on the view function.
from request_filters.decorators.ip_check import exempt_IPCheckMiddleware
@exempt_IPCheckMiddleware
def home(request):
.........
.........
Here, for the above code sample, all the users (including anonymous users) can visit the home view.
You can use this method, when you want to block the anonymous users for almost all the view functions.
You can also controll uses' request using decorator and without using Middleware.
prevent_anonymous_ip
Import this decorator by - from request_filters.decorators.ip_check import prevent_anonymous_ip
If you add this decorator to a view function, this view function will not acessable to anonymous users.
This decorator has some optional parameter -
block_vpn (optional default: settings.BLOCK_VPN)
If set to True VPN users can't visit the view function.
If set to False, VPN users can visit the view.block_proxy (optional default: settings.BLOCK_PROXY)
If set to True Proxy users can't visit the view function.
If set to False, Proxy users can visit the view.block_tor (optional default: settings.BLOCK_TOR)
If set to True TOR users can't visit the view function.
If set to False, TOR users can visit the view.block_relay (optional default: settings.BLOCK_RELAY)
If set to True Relay users can't visit the view function.
If set to False, Relay users can visit the view.You can use this method, when you want to block the anonymous users only for few view functions.
To contribute to django-request-filters create a fork on GitHub. Clone your fork, make some changes, and submit a pull request.
Use the GitHub issue tracker for django-request-filters to submit bugs, issues, and feature requests.
FAQs
Block the users those are using VPN, Proxy, TOR or Relay.
We found that django-request-filters demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.
Security News
AGENTS.md is a fast-growing open format giving AI coding agents a shared, predictable way to understand project setup, style, and workflows.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.