This is an automated archive made by the Lemmit Bot.
The original was posted on /r/selfhosted by /u/fab_space on 2025-01-12 10:09:37+00:00.
A Reddit user asked about a project I am building if is possible to integrate a 404 protection error for clients abusing its website powered by caddy server.
I ended up building a specific caddy module for that, the caddy-mib
Caddy MIB (Middleware IP Ban) is a custom Caddy HTTP middleware designed to track client IPs generating repetitive errors (such as 404 or 500) and temporarily ban them after exceeding a specified threshold. This middleware helps mitigate brute force attacks, excessive requests for non-existent resources, or other abusive behavior by blocking IPs that breach the configured error limits.
Features
- Track Specific HTTP Error Codes: Configure which HTTP error codes (e.g., 404, 500) to track.
- Set Error Thresholds: Define the maximum number of errors allowed per IP before banning.
- Custom Ban Duration: Specify how long an IP should be banned (e.g., 5s, 10s).
- Dynamic Ban Duration: Increase ban duration exponentially with repeated offenses.
- Whitelist Trusted IPs: Exempt specific IPs or CIDR ranges from banning.
- Per-Path Configuration: Define custom error thresholds and ban durations for specific paths.
- Custom Ban Response: Return a custom response body and header for banned IPs.
- Configurable Ban Status Code: Set a custom HTTP status code for banned IPs (e.g., 403 Forbidden or 429 Too Many Requests).
- Debugging: Detailed logs to track IP bans, error counts, and request statuses.
- Automatic Unbanning: Banned IPs are automatically unbanned after the ban duration expires.
Simple and effective from reddit users to reality in a week ☕️
Have a nice sunday u all dear selfhosters ❤️