dev-resources.site

for different kinds of informations.

Liguard - The Linode Guard

Published at

2/20/2023

What I built

Imagine you wanted to block people using iPhone to access your server, or people using Chrome or people accessing from IPs of specific location to your server, but you don't want to write all this on serverside. You can do that all on edge (before request hits your server) with Liguard!

Liguard is an Edge cloud firewall reverse proxy with an inbuilt ddos prevention solution. Does that sound complex? Let's break it down.

Cloud: A system/server that is sitting on the cloud
Firewall: A system that denies/allows a packet based on some instruction and conditional logic
Reverse Proxy: A system that sits in-front of your actual server and forward the request to your actual server safely
DDoS Protection: A system that detects DDoS and contains the attack Liguard is a combination of all these! Yes, you read that right.

Category Submission:

EdgeWorker Experts

Screenshots

Description

One can simply define custom security policies in JSON like the following:

{
  "siteConfigs": [
    {
      "siteData": {
        "siteName": "google",
        "forwardingUrl": "https://google.com",
        "blockedOs": ["iPhone"],
        "blockedBrowser": ["Chrome"],
        "blockedDevice": ["iPhone"],
        "blockedOSVersion": ["15.1"],
        "blockedLocations": [""],
        "blockedIPs": ["0.0.0.0", "8.8.8.8"]
      }
    },
    {
      "siteData": {
        "siteName": "github",
        "forwardingUrl": "https://github.com",
        "blockedOs": ["Mac"],
        "blockedBrowser": ["Chrome"],
        "blockedDevice": ["iPhone"],
        "blockedOSVersion": ["15.1"],
        "blockedLocations": ["India"],
        "blockedIPs": ["0.0.0.0", "8.8.8.8"]
      }
    }
  ]
}

This will implement all these security policies in the Edge using Linode's EdgeWorker service! A truly customisable and configurable firewall guard.

Source Code

DarthBenro008 / liguard

A very simple customizable and configurable firewall deployable on Linode Edgeworker

Liguard

A very simple customizable and configurable firewall deployable on Linode Edgeworker

🤔 What is Liguard?

Liguard is an Edge cloud firewall reverse proxy with an inbuilt ddos prevention solution. Does that sound complex? Let's break it down.

Cloud: A system/server that is sitting on the cloud
Firewall: A system that denies/allows a packet based on some instruction and conditional logic
Reverse Proxy: A system that sits in-front of your actual server and forward the request to your actual server safely
DDoS Protection: A system that detects DDoS and contains the attack

Liguard is a combination of all these! Yes, you read that right.

Imagine you wanted to block people using iPhone to access your server, or people using Chrome or accessing from IPs of specific location. You can do that all with Liguard!

What are the major advantages of using Liguard?

Declarative security policies using JSON
Runs on Edge…

View on GitHub

Permissive License

This project is backed under MIT License, special shout out to project UA-Parser, as liguard uses a piece of its source-code.

Background

As a backend developer, i always was very concerned about security issues. Adding security features on server levels are always hectic, i always wondered if i could somehow block people who use safari to visit my website (because a lot of CSS frameworks break in safari), hence this motivated me to make a firewall/guard that could be applied in a whole domain, and is not at server level, but at edge-level.

How I built it

Thanks to Linode's Edgeworker service and their amazing tutorials!

This project is written in Javascript, and deployed via akamai CLI

The resources and relevant info on how to develop/test and deploy can be found here!

linodehackathon Article's

30 articles in total