#5734 - XML advanced traffic rules
-
By PDStig
- Added
- 11 views
| Identifier | #5734 |
|---|---|
| Issue type | Feature request or suggestion |
| Title | XML advanced traffic rules |
| Status | Open |
| Tags |
Roadmap: Sponsorship (custom) |
| Handling member | Deleted |
| Addon | core_configuration |
| Description | Implement an XML configuration that can define advanced rules to perform on certain traffic to a Composr site.
Available criteria could be things like IP address (supporting wildcards), user agent, request/response headers, hostname, country/region (if geocoding is available), referrer, operating system, member, group, is staff, is administrator, is on probation, is guest, is bot, zone/page/type requested, GET/POST parameters, etc. Available actions could include applying a specific rate limit, throttling (e.g. sleep the request?), serve / apply a static cache, redirecting, blocking the request, banning (as spammer according to configured time), banning (permanently, optional advanced banning type), requiring validation for submitted content, preventing login or account registration, requiring login, logging the request, enabling profiling for the request, treating the request under dev mode, etc. Criteria should allow equals, does not equal (prefix with !), contains (prefix and/or suffix with *), or does not contain (prefix with ! followed by a prefix and/or suffix of *). Perhaps also allow regex. We should possibly utilise a cache for this so we know which criteria if any a repeat request matched and what actions were applied (the goal is reducing resource use especially with having to repeatedly parse the XML). Cache is cleared individually after a period of time or as a whole when the XML is changed. |
| Steps to reproduce | |
| Additional information | Inspiration: Cloudflare WAF rules |
| Funded? | No |
The system will post a comment when this issue is modified (e.g., status changes). To be notified of this, click "Enable comment notifications".
Comments
Let's say it took a month to do. What would help the Composr project grow more, a month implementing this, or a month sitting down with newbie users and watching what they do and tweaking things?