Banning users for certain actions

This page summarizes the projects mentioned and recommended in the original post on /r/flask

  • flask-ipban

    Flask module to allow banning of ip addresses that spam a flask python web site

    I'd like to be able to ban users for certain actions, such as attempting to spam passwords. I have rate limiting set up already, but it seems weird that I would allow repeat offenders to just keep trying, even at a limited rate. My server has Fail2Ban set up and it will ban users based on the nginx log files, but I don't see how I can pipe errors to those files from Flask. I found this nifty extension - flask-ipban - but it appears to work off its own distinct log file. I presume that this means the nefarious user would still be able to attempt to hit those endpoints, which I presume would still take up some server resources (maybe I'm wrong here).

  • weakforced

    Anti-Abuse for servers at authentication time

  • crowdsec

    CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

    You could try out https://crowdsec.net. It’s an advanced FOSS framework for detecting a number of different attacks and not limited to just brute force attacks like Fail2Ban as /u/nonself suggests. The basic concept of CrowdSec is that it reads logs, detects attacks, mitigates attacks (CrowdSec integrates directly into the Flask application) and shares information about those attacks with everyone else using CrowdSec. Disclaimer: I am head of community at CrowdSec so my opinions may be a little biased :-)
