Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add IP-based block list to wp-config #149

Merged
merged 1 commit into from
Feb 16, 2024
Merged

Add IP-based block list to wp-config #149

merged 1 commit into from
Feb 16, 2024

Conversation

matt-bernhardt
Copy link
Member

@matt-bernhardt matt-bernhardt commented Feb 16, 2024
edited
Loading

Why are these changes being introduced:

We are starting to see problematic site traffic, and want to have a way to block access to the application selectively.

Relevant ticket(s):

https://mitlibraries.atlassian.net/browse/pw-86

How does this address that need:

This adds an ability to block specific IP addresses from getting site responses, sending a 403 status message instead. The list of blocked IP addresses is managed via environment variables.

Document any side effects to this change:

There is a small increase in site overhead, as every page load will now be checked against the IP block list. However, this is done at the PHP level, without needing to spin up WordPress itself.

Developer

Stylesheets

  • Any theme or plugin whose stylesheets have changed has had its version
    string incremented.

Secrets

  • All new secrets have been added to Pantheon tiers
  • Relevant secrets have been updated in Github Actions
  • All new secrets documented in README

Documentation

  • Project documentation has been updated
  • No documentation changes are needed

Accessibility

  • ANDI or Wave has been run in accordance to
    our guide and
    all issues introduced by these changes have been resolved or opened as new
    issues (link to those issues in the Pull Request details above)
  • The UI is not affected by this work.

Stakeholder approval

  • Stakeholder approval has been confirmed
  • Stakeholder approval is not needed

Dependencies

NO dependencies are updated

Code Reviewer

  • The commit message is clear and follows our guidelines
    (not just this pull request message)
  • The changes have been verified
  • The documentation has been updated or is unnecessary
  • New dependencies are appropriate or there were no changes

@matt-bernhardt
Add IP-based block list to wp-config
2d11048 
** Why are these changes being introduced:

* We are starting to see problematic site traffic, and want to have a
  way to block access to the application selectively.

** Relevant ticket(s):

* https://mitlibraries.atlassian.net/browse/pw-86

** How does this address that need:

* This adds an ability to block specific IP addresses from getting site
  responses, sending a 403 status message instead. The list of blocked
  IP addresses is managed via environment variables.

** Document any side effects to this change:

* There is a small increase in site overhead, as every page load will
  now be checked against the IP block list. However, this is done at
  the PHP level, without needing to spin up WordPress itself.
@JPrevost JPrevost self-assigned this Feb 16, 2024
@matt-bernhardt matt-bernhardt merged commit 79a4a15 into master Feb 16, 2024
3 checks passed
@matt-bernhardt matt-bernhardt deleted the pw-86 branch February 16, 2024 18:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JPrevost JPrevost JPrevost approved these changes

@jazairi jazairi Awaiting requested review from jazairi

Assignees

@JPrevost JPrevost

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@matt-bernhardt @JPrevost