{"id":21308027,"url":"https://github.com/proofrock/caddy_smallshield","last_synced_at":"2025-10-26T08:42:33.322Z","repository":{"id":263442497,"uuid":"890427393","full_name":"proofrock/caddy_smallshield","owner":"proofrock","description":"IP blocker for Caddy","archived":false,"fork":false,"pushed_at":"2024-12-06T10:29:46.000Z","size":93,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-15T20:14:03.983Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/proofrock.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-18T14:50:43.000Z","updated_at":"2024-12-06T10:29:40.000Z","dependencies_parsed_at":"2024-11-19T04:59:42.332Z","dependency_job_id":null,"html_url":"https://github.com/proofrock/caddy_smallshield","commit_stats":null,"previous_names":["proofrock/caddy-smallshield"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/proofrock/caddy_smallshield","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/proofrock%2Fcaddy_smallshield","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/proofrock%2Fcaddy_smallshield/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/proofrock%2Fcaddy_smallshield/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/proofrock%2Fcaddy_smallshield/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/proofrock","download_url":"https://codeload.github.com/proofrock/caddy_smallshield/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/proofrock%2Fcaddy_smallshield/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":281079593,"owners_count":26440321,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-26T02:00:06.575Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-21T16:36:02.363Z","updated_at":"2025-10-26T08:42:33.276Z","avatar_url":"https://github.com/proofrock.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Caddy Small Shield\n\n\u003e 5 gp, 3 lbs, AC +1\n\nThis Caddy module has two functions:\n\n- filter away IPs based on a blacklist loaded from a URL and a whitelist\n- \"close up shop\" at given hours\n\n### IP Filtering\n\nIt is really simple (for now), it loads a URL containing a blacklist of IPs or IP ranges\n\n```\n...\n134.122.168.0/24\n134.122.188.0/23\n137.59.236.0/22\n...\n```\n\nand filter away requests coming from those IPs.\n\n\u003e In the examples we use [firehol_level1 on github](https://raw.githubusercontent.com/ktsaou/blocklist-ipsets/master/firehol_level1.netset), please do not abuse their bandwidth.\n\nAlso, it allows to specify a comma-separated list of IPs to consider as reputable, despite the blacklist.\n\nIt works with IPV4.\n\nIt tries to do it as fast as possible, using a high-performance and space-efficient bit tree to calculate\nthe IP \"fate\".\n\nThe parser of the blacklist looks in each line for a pattern that resembles an IP or an IP range, and loads\nit. Lines not containing any are ignored, as lines beginning with `#` or `;` are.\n\n### \"Closing hours\"\n\nIt simply accepts a list of \"closing hours\": `403` will be returned when attempting to connect at those hours.\n\n### Logging\n\nWhen `log_blockings` is present and set to `true` or `1`, it will log blocked attempts to connect to caddy's\n`info` log channel.\n\n## Building\n\n```bash\nxcaddy build --with github.com/proofrock/caddy_smallshield@v0.3.3\n```\n\n## Configuration\n\n```caddyfile\n{\n order caddy_smallshield first\n}\n\n:8089 {\n caddy_smallshield {\n  whitelist \"127.0.0.1\"\n  # Please do not abuse, e.g. reloading the config too many times\n  blacklist_url \"https://raw.githubusercontent.com/ktsaou/blocklist-ipsets/master/firehol_level1.netset\"\n  closing_hours \"8, 10\"\n  log_blockings \"1\"\n }\n respond \"Hello, World!\"\n}\n```\n\n## Testing\n\nIn the repo root, run:\n\n```bash\nxcaddy run -- --config Caddyfile\n```\n\nAfter creating a `Caddyfile` such as the above sample, you can (attempt to) connect with:\n\n```bash\ncurl localhost:8089 -v\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fproofrock%2Fcaddy_smallshield","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fproofrock%2Fcaddy_smallshield","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fproofrock%2Fcaddy_smallshield/lists"}