traefik_block_regex_urls

package module

v0.0.2 Latest Latest Go to latest Published: Jul 11, 2025 License: MIT Imports: 7 Imported by: 0

README ¶

Traefik Block Regex Urls

A Traefik plugin to block access to certain paths using a list of regex values and return a defined status code.

Configuration

Sample configuration in Traefik.

Configuration as local plugin

traefik.yml

log:
  level: INFO
experimental:
  localPlugins:
    block-regex-urls:
      moduleName: github.com/shantanugadgil/traefik-block-regex-urls

dynamic-configuration.yml

http:
  middlewares:
    block-scan-paths:
      plugin:
        block-regex-urls:
          allowLocalRequests: true
          regex:
            - "^something.mydomain.tld/scan?uid=12345(.*)&gid=6789(.*)"
            - "^something.mydomain.tld/scan?uid=345$"
          statusCode: 404

docker-compose.yml

services:
  traefik:
    image: traefik
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /docker/config/traefik/traefik.yml:/etc/traefik/traefik.yml
      - /docker/config/traefik/dynamic-configuration.yml:/etc/traefik/dynamic-configuration.yml
      - /plugin/traefik-block-regex-urls:/plugins-local/src/github.com/shantanugadgil/traefik-block-regex-urls/
    ports:
      - "80:80"
  hello:
    image: containous/whoami
    labels:
      - traefik.enable=true
      - traefik.http.routers.hello.entrypoints=http
      - traefik.http.routers.hello.rule=Host(`hello.localhost`)
      - traefik.http.services.hello.loadbalancer.server.port=80
      - traefik.http.routers.hello.middlewares=my-plugin@file

Sample configuration

allowLocalRequests: If set to true, will not block request from Private IP Ranges
regex: List of regex values to use for url blocking.
statusCode: Return value of the status code.

my-block-regex-urls:
  plugin:
    block-regex-urls:
      allowLocalRequests: true
      regex:
        - "^something.mydomain.tld/scan?uid=12345(.*)&gid=6789(.*)"
        - "^something.mydomain.tld/scan?uid=345$"
      statusCode: 418

Contributors


Shantanu Gadgil

License

traefik-block-regex-urls is distributed under the MIT license. See LICENSE for details.

MIT License

Copyright (c) 2025-today Shantanu Gadgil

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

Documentation ¶

Overview ¶

Package "block regex urls" is a Traefik plugin to block access to certain urls using a list of regex values and return a defined status code.

Index ¶

func InitializePrivateIPBlocks() []*net.IPNet
func IsIpInList(ip net.IP, list []*net.IPNet) bool
func IsPrivateIP(ip net.IP, privateIPBlocks []*net.IPNet) bool
func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error)
func ParseIP(address string) (net.IP, error)
type Config
- func CreateConfig() *Config

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func InitializePrivateIPBlocks ¶

func InitializePrivateIPBlocks() []*net.IPNet

This method initializes a list of private IP addresses. It uses a predefined range of CIDR addresses. Returns a list of private IP blocks. https://stackoverflow.com/questions/41240761/check-if-ip-address-is-in-private-network-space

func IsIpInList ¶

func IsIpInList(ip net.IP, list []*net.IPNet) bool

Checks whether a string is in a list of strings. Returns true if this is the case, otherwise returns false.

func IsPrivateIP ¶

func IsPrivateIP(ip net.IP, privateIPBlocks []*net.IPNet) bool

This method checks whether a provided IP is a private IP. If this is the case it returns true, otherwise false. https://stackoverflow.com/questions/41240761/check-if-ip-address-is-in-private-network-space

func New ¶

func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error)

New creates a new plugin. Returns the configured BlockUrls plugin object.

func ParseIP ¶

func ParseIP(address string) (net.IP, error)

Tries to parse the IP from a provided address. Returns the ip and no error on success, otherwise returns nil and the occured error.

Types ¶

type Config ¶

type Config struct {
	AllowLocalRequests bool     `yaml:"allowLocalRequests"`
	Regex              []string `yaml:"regex,omitempty"`
	SilentStartUp      bool     `yaml:"silentStartUp"`
	StatusCode         int      `yaml:"statusCode"`
}

func CreateConfig ¶

func CreateConfig() *Config

CreateConfig creates the default plugin configuration.

Source Files ¶

View all Source files

traefik_block_regex_urls.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL