Black List IP plug

I try to create black list for ip in my Phoenix app, I already have DB and function to check is ip in black list or not. What is the right way to do it?

If i try plug

def ip_check(conn, _opts) do
    real_ip = Helpers.ip_to_str(conn.remote_ip)
    conn =
      if is_ip_blocked?(real_ip) do
        conn |> halt()


on connection i get exception

[debug] Phoenix.Router halted in :browser/2
[error] #PID<0.707.0> running Phoenix.Endpoint.SyncCodeReloadPlug (connection #PID<0.706.0>, stream id 1) terminated
Server: localhost:4000 (http)
Request: GET /
** (exit) an exception was raised:
    ** (Plug.Conn.NotSentError) a response was neither set nor sent from the connection

Hey @kotolex_23 you still need to send a response to the client like conn |> send_resp(403, "forbidden").

1 Like

You should send something as a response before |> halt():

|> send_resp(:unauthorized, "Unauthorized")
|> halt()
1 Like

thanx guys!

Not really what you asked for but check out Plug attack GitHub - michalmuskala/plug_attack: A plug building toolkit for blocking and throttling abusive requests

Also, Cloudflare has a good (free?) service for this.

That repo amusingly had 403 stars before I made them 404.


useful, thx

1 Like

^ thanks for linking this talk. If you’re looking for a commercial solution, does this along with some additional security features, like blocking cloud data center IPs, which are often malicious.