-
-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a79f4fe
commit 43b3dd0
Showing
1 changed file
with
83 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,83 @@ | ||
| ### **Technical Introduction to Caddy Defender Plugin** | ||
|
|
||
| The **Caddy Defender Plugin** is a powerful middleware for the Caddy web server that allows you to control and manipulate traffic based on the client's IP address. Whether you're looking to block unwanted requests, pollute AI training data, or return custom responses, this plugin provides a flexible and easy-to-use solution. | ||
|
|
||
| --- | ||
|
|
||
| ### **Demo: Protecting Your Server with Caddy Defender** | ||
|
|
||
| Let’s walk through a quick demo to see how the Caddy Defender plugin works in action. | ||
|
|
||
| #### **Step 1: Install Caddy with the Defender Plugin** | ||
|
|
||
| Using Docker, you can quickly get started with the Caddy Defender plugin: | ||
|
|
||
| ```bash | ||
| docker pull ghcr.io/jasonlovesdoggo/caddy-defender:latest | ||
| ``` | ||
|
|
||
| #### **Step 2: Create a `Caddyfile`** | ||
|
|
||
| Create a `Caddyfile` with the following configuration: | ||
|
|
||
| ```caddyfile | ||
| { | ||
| order defender before basicauth | ||
| } | ||
| localhost:8080 { | ||
| # Block requests from OpenAI's IP range | ||
| defender block { | ||
| range openai | ||
| } | ||
| # Return garbage data for requests from a specific IP range | ||
| defender garbage { | ||
| range 192.168.0.0/24 | ||
| } | ||
| # Return a custom message for requests from another IP range | ||
| defender custom "Access denied!" { | ||
| range 10.0.0.0/8 | ||
| } | ||
| # Default response for allowed clients | ||
| respond "Welcome to our website!" | ||
| } | ||
| ``` | ||
|
|
||
| This configuration: | ||
| - Blocks requests from the predefined `openai` IP range with a `403 Forbidden` response. | ||
| - Returns garbage data for requests from the `192.168.0.0/24` range. | ||
| - Returns a custom message `Access denied!` for requests from the `10.0.0.0/8` range. | ||
| - Displays "Welcome to our website!" for all other clients. | ||
|
|
||
| #### **Step 3: Run the Caddy Server** | ||
|
|
||
| Start the Caddy server using Docker: | ||
|
|
||
| ```bash | ||
| docker run -d \ | ||
| --name caddy-defender \ | ||
| -v /path/to/Caddyfile:/etc/caddy/Caddyfile \ | ||
| -p 8080:8080 \ | ||
| ghcr.io/jasonlovesdoggo/caddy-defender:latest | ||
| ``` | ||
|
|
||
| #### **Step 4: Test the Configuration** | ||
|
|
||
| 1. **Allowed Client**: | ||
| - Access `http://localhost:8080` from an allowed IP. | ||
| - You’ll see the response: `Welcome to our website!` | ||
|
|
||
| 2. **Blocked Client (OpenAI Range)**: | ||
| - Access `http://localhost:8080` from an IP in the `openai` range. (ask chatgpt to read your website) | ||
| - You’ll receive a `403 Forbidden` response. | ||
|
|
||
| 3. **Garbage Response Client**: | ||
| - Access `http://localhost:8080` from an IP in the `192.168.0.0/24` range. | ||
| - You’ll receive a garbage response, such as random bytes or nonsensical text. | ||
|
|
||
| 4. **Custom Message Client**: | ||
| - Access `http://localhost:8080` from an IP in the `10.0.0.0/8` range. | ||
| - You’ll receive the custom response: `Access denied!` |