Phx2Ban.Plug (Phx2Ban v0.2.2)

This Plug module blocks requests from IP addresses that have been marked as malicious and hands inbound requests off for out-of-band (asynchronous) analysis. You can add it to your endpoint.ex module to ensure malicious actors are blocked:

# endpoint.ex
plug Phx2Ban.Plug

socket "/live", Phoenix.LiveView.Socket, ...

Where in endpoint.ex should Phx2Ban.Plug go?

Where you put Phx2Ban.Plug in your endpoint.ex file depends on your setup and on which rules you have enabled in Phx2Ban. Phx2Ban ignores any incoming request that can be handled by your configured router(s), so that valid traffic is not miscategorized. However, if your Plug.Static calls serve files that would trigger false positives from the rules (e.g. a .php file), you need to take that into account. In most cases we suggest putting Phx2Ban.Plug before any socket "/live" or Plug.Static calls, but if you think your static assets may trigger false positives, put the Phx2Ban.Plug call after those plugs.
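
The two placements described above, side by side. This is an added example, not code from the Phx2Ban project; the module names, the :my_app OTP app, the websocket: true option and the Plug.Static option values are assumptions.

```elixir
# Added example: MyAppWeb.*, :my_app and all option values are hypothetical.

# Layout 1 (the placement suggested for most cases): Phx2Ban.Plug comes
# before the socket and Plug.Static, so every request passes through it.
defmodule MyAppWeb.Endpoint do
  use Phoenix.Endpoint, otp_app: :my_app

  plug Phx2Ban.Plug

  socket "/live", Phoenix.LiveView.Socket, websocket: true

  plug Plug.Static,
    at: "/",
    from: :my_app,
    only: ~w(assets fonts images favicon.ico robots.txt)

  plug MyAppWeb.Router
end

# Layout 2: the app legitimately serves files whose names resemble what the
# rules flag (e.g. a .php file under "downloads").
defmodule MyAppWeb.StaticFirstEndpoint do
  use Phoenix.Endpoint, otp_app: :my_app

  socket "/live", Phoenix.LiveView.Socket, websocket: true

  # Plug.Static halts the connection when it serves a file, so a request
  # for a file that exists under these paths never reaches Phx2Ban.Plug.
  plug Plug.Static,
    at: "/",
    from: :my_app,
    only: ~w(assets downloads)

  # Only requests that Plug.Static did not serve continue to this point.
  # Trade-off of this order: an address that is already blocked can still
  # fetch static files, because the block check runs after Plug.Static.
  plug Phx2Ban.Plug

  plug MyAppWeb.Router
end
```

Keeping the `only:` list in Plug.Static narrow limits how many paths skip Phx2Ban.Plug in the second layout.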

This plug also supports several configuration options, which can be passed to the Phx2Ban supervisor module or set via application config. See the docs for the Phx2Ban.FirewallConfig module for details on the configuration options. The following options are currently supported: resp_status_code, resp_body, resp_headers.