httpd: fixed logging of refused requests due to rate limiting/blocklisting
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
parent
894e12e285
commit
a1346aa071
2 changed files with 14 additions and 6 deletions
|
@ -12488,7 +12488,7 @@ func TestDefender(t *testing.T) {
|
|||
req.RemoteAddr = remoteAddr
|
||||
rr = executeRequest(req)
|
||||
checkResponseCode(t, http.StatusForbidden, rr)
|
||||
assert.Contains(t, rr.Body.String(), "your IP address is banned")
|
||||
assert.Contains(t, rr.Body.String(), "your IP address is blocked")
|
||||
|
||||
req, _ = http.NewRequest(http.MethodGet, webUsersPath, nil)
|
||||
req.RequestURI = webUsersPath
|
||||
|
@ -12496,7 +12496,7 @@ func TestDefender(t *testing.T) {
|
|||
req.RemoteAddr = remoteAddr
|
||||
rr = executeRequest(req)
|
||||
checkResponseCode(t, http.StatusForbidden, rr)
|
||||
assert.Contains(t, rr.Body.String(), "your IP address is banned")
|
||||
assert.Contains(t, rr.Body.String(), "your IP address is blocked")
|
||||
|
||||
req, _ = http.NewRequest(http.MethodGet, webClientFilesPath, nil)
|
||||
req.Header.Set("X-Real-IP", "127.0.0.1:2345")
|
||||
|
@ -12504,7 +12504,7 @@ func TestDefender(t *testing.T) {
|
|||
req.RemoteAddr = remoteAddr
|
||||
rr = executeRequest(req)
|
||||
checkResponseCode(t, http.StatusForbidden, rr)
|
||||
assert.Contains(t, rr.Body.String(), "your IP address is banned")
|
||||
assert.Contains(t, rr.Body.String(), "your IP address is blocked")
|
||||
|
||||
_, err = httpdtest.RemoveUser(user, http.StatusOK)
|
||||
assert.NoError(t, err)
|
||||
|
|
|
@ -1051,7 +1051,7 @@ func (s *httpdServer) updateContextFromCookie(r *http.Request) *http.Request {
|
|||
return r
|
||||
}
|
||||
|
||||
func (s *httpdServer) checkConnection(next http.Handler) http.Handler {
|
||||
func (s *httpdServer) parseHeaders(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
ipAddr := util.GetIPFromRemoteAddress(r.RemoteAddr)
|
||||
var ip net.IP
|
||||
|
@ -1083,6 +1083,13 @@ func (s *httpdServer) checkConnection(next http.Handler) http.Handler {
|
|||
}
|
||||
}
|
||||
|
||||
next.ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
|
||||
func (s *httpdServer) checkConnection(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
ipAddr := util.GetIPFromRemoteAddress(r.RemoteAddr)
|
||||
common.Connections.AddClientConnection(ipAddr)
|
||||
defer common.Connections.RemoveClientConnection(ipAddr)
|
||||
|
||||
|
@ -1092,7 +1099,7 @@ func (s *httpdServer) checkConnection(next http.Handler) http.Handler {
|
|||
return
|
||||
}
|
||||
if common.IsBanned(ipAddr, common.ProtocolHTTP) {
|
||||
s.sendForbiddenResponse(w, r, "your IP address is banned")
|
||||
s.sendForbiddenResponse(w, r, "your IP address is blocked")
|
||||
return
|
||||
}
|
||||
if delay, err := common.LimitRate(common.ProtocolHTTP, ipAddr); err != nil {
|
||||
|
@ -1190,9 +1197,10 @@ func (s *httpdServer) initializeRouter() {
|
|||
s.router = chi.NewRouter()
|
||||
|
||||
s.router.Use(middleware.RequestID)
|
||||
s.router.Use(s.checkConnection)
|
||||
s.router.Use(s.parseHeaders)
|
||||
s.router.Use(logger.NewStructuredLogger(logger.GetLogger()))
|
||||
s.router.Use(middleware.Recoverer)
|
||||
s.router.Use(s.checkConnection)
|
||||
if s.binding.Security.Enabled {
|
||||
secureMiddleware := secure.New(secure.Options{
|
||||
AllowedHosts: s.binding.Security.AllowedHosts,
|
||||
|
|
Loading…
Reference in a new issue