realcorvus
Paraxial.io - Bot prevention for Elixir/Phoenix apps
Hi Elixir Forum,
I’ve been working on Paraxial.io for a while now, and am excited to announce the beta is officially live! Here’s the announcement post.
If you currently use reCaptcha or a CDN based bot defense (Cloudflare, Akamai, etc.), you’re familiar with the problems bots cause. I’ve seen bypasses of both these systems via:
- Outsourced/automated captcha solving.
- Hosts leaking their IP address, leading to the CDN protection being completely bypassed.
The key features of Paraxial.io are:
- You install the agent through your mix file.
- You can define a rule like, “If an IP sends > 10 logins in 10 seconds, ban it”. Unlike a CDN based approach, this cannot be bypassed due to a host IP leak.
- If an attacker is using a cloud server (AWS, GCP, etc.) for a large pool of IPs (see Bypassing IP Based Blocking with AWS API Gateway), the Paraxial.io agent can be configured to block cloud provider IPs.
- You control the data you want to send to the Paraxial.io backend, unlike a CDN where all your data has to pass through a third party server.
- A nice dashboard showing allowed and blocked requests.
The price for a personal account is $27 per month, where your site has less than 10,000 good events per month. If you sign up for the beta and provide feedback, I’m happy to drop that to $9. Business pricing scales with the number of requests.
To get access, email support@paraxial.io and I’ll add your email to the approved users list.
I hope this is posted under the correct category, I can move it if it violates a forum rule. Thank you!
Most Liked
realcorvus
Hello Elixir forum, it has been 2 years since Paraxial.io first went live, and I would like to thank you all for the incredible feedback and support you have shown. The goal of Paraxial.io is to help developers secure their work, and today I’m very excited to announce a free non-commercial tier: Paraxial.io is Free for Elixir Developers
You can sign up now, no credit card required, and use most of the available features to improve the security of your side project, academic work, or just learn more about appsec. The free tier limits:
- Maximum of 2 Sites.
- You cannot invite users to a Site.
- HTTP traffic cannot be ingested by the backend.
- Limit of 30 scans per site, per month.
realcorvus
Hi Elixir Forum,
Paraxial.io 2.0 recently launched, here’s the announcement blog post - Introducing Paraxial.io 2.0
And a video overview of the features:
The original launch was just over a year ago, and focused on stopping bot attacks. This release helps you ensure the Elixir application you deploy cannot be hacked. For example, the sites overview page gives a list of your current sites, if they are exposed to the internet, and a summary of vulnerabilities.
There are a number of security metrics relevant to Elixir applications, including:
- Active vulnerabilities
- Dependency versions
- Recent exploitation attempts
- HTTP traffic
- Rules for restricting bot attacks
The new Overview page for each site displays the most relevant information on one screen.
A common barrier to using security tools in Elixir is the high number of initial findings. Paraxial.io is able to prioritize findings by severity, and provide details on how to fix the issue.
The mix task is fully compatible with your CI/CD pipeline, because it runs as normal Elixir code. For example, you can configure a Github action to check each new pull request for security problems.
If no issues are found the build is successful.
The feedback and support from the community has been really fantastic, and this release incorporates so many things learned over the last several months. Thank you all for the support, I’m so grateful to be working in Elixir, and hope this release will encourage further adoption of the language.
realcorvus
Hi everyone, just a brief update, the beta is no longer invite only! I’ve published a step-by-step guide to installing Paraxial via mix here - Getting started with Paraxial.io, Free Tier — Paraxial v2.10.0
To create an account, just visit - https://app.paraxial.io/users/register - and sign up. The agent is hosted on Hex, and installation only takes a few minutes.
Popular in Discussions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance















