auto-smart-security 1.0.1 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +28 -5
- package/dist/apply-security.js +6 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -50,7 +50,7 @@ applySecurity(app, {
|
|
|
50
50
|
Reason: ${info.reason}
|
|
51
51
|
IP: ${info.ip}
|
|
52
52
|
URL: ${info.url}
|
|
53
|
-
UA: ${info.ua ?? 'N/A'}
|
|
53
|
+
UA: ${info.ua ?? 'N/A'}`,
|
|
54
54
|
);
|
|
55
55
|
},
|
|
56
56
|
});
|
|
@@ -133,17 +133,34 @@ Using ioredis
|
|
|
133
133
|
import Redis from 'ioredis';
|
|
134
134
|
import { RedisBlacklistStore } from 'smart-security';
|
|
135
135
|
|
|
136
|
-
const redis = new Redis(
|
|
136
|
+
const redis = new Redis({
|
|
137
|
+
host: process.env.REDIS_HOST,
|
|
138
|
+
port: Number(process.env.REDIS_PORT ?? 6379),
|
|
139
|
+
password: process.env.REDIS_PASSWORD || undefined,
|
|
140
|
+
});
|
|
137
141
|
|
|
138
142
|
applySecurity(app, {
|
|
139
|
-
|
|
143
|
+
mode: process.env.NODE_ENV === 'development' ? 'dev' : 'prod',
|
|
144
|
+
rateLimit: { max: 120, windowMs: 60_000 },
|
|
145
|
+
bot: { enabled: true },
|
|
146
|
+
blacklistTTL: 10 * 60 * 1000,
|
|
147
|
+
pathWhitelist: ['api', '/media'],
|
|
140
148
|
blacklist: {
|
|
141
149
|
store: new RedisBlacklistStore(
|
|
142
150
|
redis,
|
|
143
151
|
['1.2.3.4'], // static blacklist
|
|
144
|
-
600
|
|
152
|
+
600, // TTL in seconds
|
|
145
153
|
),
|
|
146
154
|
},
|
|
155
|
+
onBlock: (info) => {
|
|
156
|
+
SEND_NOTIFICATION_ERR(
|
|
157
|
+
`[SECURITY]
|
|
158
|
+
Reason: ${info.reason}
|
|
159
|
+
IP: ${info.ip}
|
|
160
|
+
URL: ${info.url}
|
|
161
|
+
UA: ${info.ua ?? 'N/A'}`,
|
|
162
|
+
);
|
|
163
|
+
},
|
|
147
164
|
});
|
|
148
165
|
```
|
|
149
166
|
|
|
@@ -172,4 +189,10 @@ applySecurity(app, {
|
|
|
172
189
|
- Docker / Kubernetes
|
|
173
190
|
- Cloudflare / Nginx / reverse proxies
|
|
174
191
|
|
|
175
|
-
##
|
|
192
|
+
## 📬 Contact
|
|
193
|
+
|
|
194
|
+
If you have questions, suggestions, or want to report security issues, feel free to contact:
|
|
195
|
+
|
|
196
|
+
- **Email:** haivinhinspirit@gmail.com
|
|
197
|
+
|
|
198
|
+
I usually respond within 24–48 hours.
|
package/dist/apply-security.js
CHANGED
|
@@ -54,8 +54,13 @@ function applySecurity(app, options) {
|
|
|
54
54
|
return res.status(403).send('Bot detected');
|
|
55
55
|
}
|
|
56
56
|
/** 3️⃣ Path whitelist */
|
|
57
|
+
const normalizePath = (url) => url.split('?')[0].replace(/^\/+/, '');
|
|
58
|
+
const isPathAllowed = (url, whitelist) => {
|
|
59
|
+
const path = normalizePath(url);
|
|
60
|
+
return whitelist.some((p) => path.startsWith(p.replace(/^\/+/, '')));
|
|
61
|
+
};
|
|
57
62
|
if (options.pathWhitelist?.length &&
|
|
58
|
-
!options.pathWhitelist
|
|
63
|
+
!isPathAllowed(url, options.pathWhitelist)) {
|
|
59
64
|
await blacklist.block(ip);
|
|
60
65
|
options.onBlock?.({
|
|
61
66
|
ip,
|