Hi,
What is the equivalent of the old ipfilter plugin in Caddy 2?
I just want to reject/drop connections from a given country/countries to my reverse_proxy hosts.
I’m using Caddyfile, I’m assuming it’s going to be something using a request matcher on remote_ip, but I’m not sure how to set the rule up in Caddyfile.
Any pointers?
Thanks
Jim
Traditional approach is fine and recommended like iptable, ufw, etc as they have work well for years.
In addition to @jameszen2020’s answer, with Caddy v2’s much more powerful matching capabilities, you may not need any dedicated functionality like ipfilter. Just use the remote_ip matcher and then handle those requests however you like.
example.com {
# Match requests that come from 192.168.0.1
@hateThisGuy {
remote_ip 192.168.0.1
}
# We really hate this guy in particular
route @hateThisGuy {
respond "I hate you, guy!" 401
}
# We don't hate anyone else, though
root /var/www/html
file_server
}
Request matchers (Caddyfile) — Caddy Documentation
respond (Caddyfile directive) — Caddy Documentation
Unfortunately, note that this doesn’t handle IPs from downloadable databases like the v1 ipfilter did.
3 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.