Geo IP blocking with Caddy 2

What is the equivalent of the old ipfilter plugin in Caddy 2?
I just want to reject/drop connections from a given country/countries to my reverse_proxy hosts.
I’m using Caddyfile, I’m assuming it’s going to be something using a request matcher on remote_ip, but I’m not sure how to set the rule up in Caddyfile.
Any pointers?

Traditional approach is fine and recommended like iptable, ufw, etc as they have work well for years.

In addition to @jameszen2020’s answer, with Caddy v2’s much more powerful matching capabilities, you may not need any dedicated functionality like ipfilter. Just use the remote_ip matcher and then handle those requests however you like. {
  # Match requests that come from
  @hateThisGuy {

  # We really hate this guy in particular
  route @hateThisGuy {
    respond "I hate you, guy!" 401

  # We don't hate anyone else, though
  root /var/www/html

Request matchers (Caddyfile) — Caddy Documentation
respond (Caddyfile directive) — Caddy Documentation

Unfortunately, note that this doesn’t handle IPs from downloadable databases like the v1 ipfilter did.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.