https://github.com/robrwo/plack-middleware-security-simple
Simple security filtering
- Host: GitHub
- URL: https://github.com/robrwo/plack-middleware-security-simple
- Owner: robrwo
- Created: 2014-06-23T21:49:14.000Z (almost 11 years ago)
- Default Branch: master
- Last Pushed: 2025-04-13T13:01:58.000Z (about 2 months ago)
- Last Synced: 2025-04-15T22:59:03.654Z (about 2 months ago)
- Language: Perl
- Size: 137 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- Changelog: Changes
- Security: SECURITY.md
README
# NAME
Plack::Middleware::Security::Simple - A simple security filter for Plack
# VERSION
version v0.12.1
# SYNOPSIS
```perl
use Plack::Builder;

builder {
    enable "Security::Simple",
        rules => [
            PATH_INFO       => qr{^/cgi-bin/},
            PATH_INFO       => qr{\.(php|asp)$},
            HTTP_USER_AGENT => qr{BadRobot},
        ];

    ...
};
```

# DESCRIPTION
This module provides a simple security filter for PSGI-based
applications, so that you can filter out obvious exploit-seeking
scripts.

Note that as an alternative, you may want to consider using something like
[modsecurity](https://modsecurity.org/) as a filter in a reverse proxy.

# ATTRIBUTES
## rules
This is a set of rules. It can be an array-reference or
[Hash::Match](https://metacpan.org/pod/Hash%3A%3AMatch) object containing matches against keys in the Plack
environment.

It can also be a code reference for a subroutine that takes the Plack
environment as an argument and returns a true value if there is a
match.

See [Plack::Middleware::Security::Common](https://metacpan.org/pod/Plack%3A%3AMiddleware%3A%3ASecurity%3A%3ACommon) for a set of common rules.
## handler
This is a function that is called when a match is found.
It takes the Plack environment as an argument, and returns a
[Plack::Response](https://metacpan.org/pod/Plack%3A%3AResponse), or throws an exception for
[Plack::Middleware::HTTPExceptions](https://metacpan.org/pod/Plack%3A%3AMiddleware%3A%3AHTTPExceptions).

The default handler will log a warning to the `psgix.logger`, and
return an HTTP 400 (Bad Request) response.

The message is of the form

```
Plack::Middleware::Security::Simple Blocked $ip $method $path_query HTTP $status
```

This can be used if you are writing [fail2ban](https://metacpan.org/pod/fail2ban) filters.
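
The following Python code is an added example, not part of the module or its README. It parses the message format shown above and counts blocked requests per address, using a Python regular expression because that is the syntax fail2ban filters are written in. The timestamp/level prefix, the sample lines, and the names `parse_blocked` and `offenders` are assumptions made for the example.

```python
import ipaddress
import re
from collections import Counter

# README format:
#   Plack::Middleware::Security::Simple Blocked $ip $method $path_query HTTP $status
BLOCKED = re.compile(
    r"Plack::Middleware::Security::Simple Blocked "
    r"(?P<ip>\S+) (?P<method>\S+) (?P<path_query>.*) HTTP (?P<status>\d{3})\s*$"
)

# Constructed sample lines; the timestamp/level prefix is an assumption and
# depends on which logger backs psgix.logger.
PREFIX = "2025-04-13T13:01:58 [warn] Plack::Middleware::Security::Simple Blocked "
SAMPLE = [
    PREFIX + "203.0.113.7 GET /cgi-bin/test.cgi HTTP 400",
    PREFIX + "203.0.113.7 GET /index.php?id=1 HTTP 400",
    PREFIX + "203.0.113.7 POST /login.asp HTTP 400",
    PREFIX + "2001:db8::1 GET /admin.php HTTP 400",
    PREFIX + "not-an-ip GET /x.php HTTP 400",            # malformed address
    "2025-04-13T13:02:00 [info] GET /about HTTP 200",     # unrelated line
]


def parse_blocked(line):
    """Return the message fields as a dict, or None if the line does not match."""
    # search() tolerates a logger prefix and takes the leftmost match, so the
    # address comes from the logger-written part, not from the client-supplied path.
    m = BLOCKED.search(line)
    if m is None:
        return None
    try:
        ip = ipaddress.ip_address(m["ip"])  # reject anything that is not IPv4/IPv6
    except ValueError:
        return None
    return {"ip": str(ip), "method": m["method"],
            "path_query": m["path_query"], "status": int(m["status"])}


def offenders(lines, threshold=3):
    """(ip, count) pairs with at least `threshold` blocked requests, busiest first."""
    hits = Counter(rec["ip"] for rec in map(parse_blocked, lines) if rec)
    return [(ip, n) for ip, n in hits.most_common() if n >= threshold]


if __name__ == "__main__":
    for ip, n in offenders(SAMPLE):
        print(f"{ip} blocked {n} times")
```
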
## status
This is the HTTP status code that the default ["handler"](#handler) will return
when a resource is blocked. It defaults to 400 (Bad Request).

# SUPPORT FOR OLDER PERL VERSIONS
Since v0.9.0, this module requires Perl v5.14 or later.
Future releases may only support Perl versions released in the last ten (10) years.
# SEE ALSO
[Hash::Match](https://metacpan.org/pod/Hash%3A%3AMatch)
[Plack](https://metacpan.org/pod/Plack)
[PSGI](https://metacpan.org/pod/PSGI)
# SOURCE
The development version is on github at [https://github.com/robrwo/Plack-Middleware-Security-Simple](https://github.com/robrwo/Plack-Middleware-Security-Simple)
and may be cloned from [git://github.com/robrwo/Plack-Middleware-Security-Simple.git](git://github.com/robrwo/Plack-Middleware-Security-Simple.git)

# BUGS
Please report any bugs or feature requests on the bugtracker website
[https://github.com/robrwo/Plack-Middleware-Security-Simple/issues](https://github.com/robrwo/Plack-Middleware-Security-Simple/issues)

When submitting a bug or request, please include a test-file or a
patch to an existing test-file that illustrates the bug or desired
feature.

## Reporting Security Vulnerabilities
Security issues should not be reported on the bugtracker website. Please see `SECURITY.md` for instructions on how to
report security vulnerabilities.

# AUTHOR
Robert Rothenberg
# COPYRIGHT AND LICENSE
This software is Copyright (c) 2014,2018-2025 by Robert Rothenberg.
This is free software, licensed under:
```
The Artistic License 2.0 (GPL Compatible)
```