What I built
Imagine you wanted to block people using iPhone to access your server, or people using Chrome or people accessing from IPs of specific location to your server, but you don't want to write all this on serverside. You can do that all on edge (before request hits your server) with Liguard!
Liguard is an Edge cloud firewall reverse proxy with an inbuilt ddos prevention solution. Does that sound complex? Let's break it down.
- Cloud: A system/server that is sitting on the cloud
- Firewall: A system that denies/allows a packet based on some instruction and conditional logic
- Reverse Proxy: A system that sits in-front of your actual server and forward the request to your actual server safely
- DDoS Protection: A system that detects DDoS and contains the attack Liguard is a combination of all these! Yes, you read that right.
Category Submission:
EdgeWorker Experts
Screenshots
Description
One can simply define custom security policies in JSON like the following:
{
"siteConfigs": [
{
"siteData": {
"siteName": "google",
"forwardingUrl": "https://google.com",
"blockedOs": ["iPhone"],
"blockedBrowser": ["Chrome"],
"blockedDevice": ["iPhone"],
"blockedOSVersion": ["15.1"],
"blockedLocations": [""],
"blockedIPs": ["0.0.0.0", "8.8.8.8"]
}
},
{
"siteData": {
"siteName": "github",
"forwardingUrl": "https://github.com",
"blockedOs": ["Mac"],
"blockedBrowser": ["Chrome"],
"blockedDevice": ["iPhone"],
"blockedOSVersion": ["15.1"],
"blockedLocations": ["India"],
"blockedIPs": ["0.0.0.0", "8.8.8.8"]
}
}
]
}
This will implement all these security policies in the Edge using Linode's EdgeWorker service! A truly customisable and configurable firewall guard.
Source Code
DarthBenro008
/
liguard
A very simple customizable and configurable firewall deployable on Linode Edgeworker
Liguard
A very simple customizable and configurable firewall deployable on Linode Edgeworker
🤔 What is Liguard?
Liguard is an Edge cloud firewall reverse proxy with an inbuilt ddos prevention solution. Does that sound complex? Let's break it down.
- Cloud: A system/server that is sitting on the cloud
- Firewall: A system that denies/allows a packet based on some instruction and conditional logic
- Reverse Proxy: A system that sits in-front of your actual server and forward the request to your actual server safely
- DDoS Protection: A system that detects DDoS and contains the attack
Liguard is a combination of all these! Yes, you read that right.
Imagine you wanted to block people using iPhone to access your server, or people using Chrome or accessing from IPs of specific location. You can do that all with Liguard!
What are the major advantages of using Liguard?
- Declarative security policies using JSON
- Runs on Edge…
Permissive License
This project is backed under MIT License, special shout out to project UA-Parser, as liguard uses a piece of its source-code.
Background
As a backend developer, i always was very concerned about security issues. Adding security features on server levels are always hectic, i always wondered if i could somehow block people who use safari to visit my website (because a lot of CSS frameworks break in safari), hence this motivated me to make a firewall/guard that could be applied in a whole domain, and is not at server level, but at edge-level.
How I built it
Thanks to Linode's Edgeworker service and their amazing tutorials!
This project is written in Javascript, and deployed via akamai CLI
The resources and relevant info on how to develop/test and deploy can be found here!
Top comments (0)