Phx2Ban.Plug (Phx2Ban v0.2.3)
This Plug module is used to block requests from IP addresses that have been marked as malicious, and to pass inbound requests off for out-of-band (asynchronous) analysis.
You can add this to your endpoint.ex module to ensure malicious actors are blocked:
# endpoint.ex
plug Phx2Ban.Plug
socket "/live", Phoenix.LiveView.Socket, ...
Where in endpoint.ex should Phx2Ban.Plug go?
Where you put Phx2Ban.Plug in your endpoint.ex file depends on your particular setup and what rules you have enabled in Phx2Ban. Phx2Ban will ignore any incoming requests that can be handled by your configured router(s) to ensure valid traffic is not miscategorized. But if you are hosting files from your Plug.Static calls that would trigger false-positives from the rules (e.g. by serving a .php file), you need to take that into account.
In most cases we would suggest putting Phx2Ban.Plug before any socket "/live" or Plug.Static calls, but if you think that your static assets may trigger false-positives, make sure you put the Phx2Ban.Plug call after those plugs.
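The two placements described above, as an added example that is not taken from the Phx2Ban documentation. MyAppWeb, :my_app, the LegacyEndpoint module and the static paths are hypothetical names chosen for illustration.

```elixir
# Added illustration, not Phx2Ban's own code. Module names, the OTP app name
# and the static paths are hypothetical.

# Variant A: the placement suggested for most cases. Phx2Ban.Plug is declared
# first, so a request from a blocked IP is rejected before Plug.Static runs.
defmodule MyAppWeb.Endpoint do
  use Phoenix.Endpoint, otp_app: :my_app

  plug Phx2Ban.Plug

  socket "/live", Phoenix.LiveView.Socket, websocket: true

  plug Plug.Static,
    at: "/",
    from: :my_app,
    only: ~w(assets images favicon.ico robots.txt)

  plug MyAppWeb.Router
end

# Variant B: this application legitimately serves a file such as
# /legacy/index.php from priv/static. A rule that flags .php requests would
# treat real visitors as malicious, so Plug.Static is declared first.
defmodule MyAppWeb.LegacyEndpoint do
  use Phoenix.Endpoint, otp_app: :my_app

  socket "/live", Phoenix.LiveView.Socket, websocket: true

  # Plug.Static halts the connection when it serves a file; only requests it
  # does not serve (paths outside :only, or files that do not exist) continue
  # down the pipeline to Phx2Ban.Plug.
  plug Plug.Static,
    at: "/",
    from: :my_app,
    only: ~w(assets images legacy favicon.ico robots.txt)

  plug Phx2Ban.Plug

  plug MyAppWeb.Router
end
```

In variant B an IP address that is already blocked can still fetch anything under the listed static paths, so keep the `only:` list as narrow as the false-positive problem requires.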
This plug also supports several configuration options that can be passed to the Phx2Ban supervisor module or set via application config. Look at the docs for the Phx2Ban.FirewallConfig module for details on configuration options. The following options are currently supported: resp_status_code, resp_body, resp_headers.