bpanel-whitelist
v0.0.1
A backend plugin for bPanel to whitelist endpoints, so that all non-whitelisted endpoints will be blocked
bPanel Whitelist
This plugin uses bPanel's backend plugin system to enable whitelisting for backend endpoints. This adds security for your bPanel server on top of the blacklisting that is available by default.
If whitelisting is enabled, then any endpoints that don't match the criteria will be blocked with a 403 response sent back to any client that made the request.
Installation
With bpanel-cli:
$ bpanel-cli i bpanel-whitelist
Usage
Once enabled, you can add whitelisted endpoints the same way as blacklisting, via the bcfg interface.
The whitelist configuration supports an array of strings, of regular expressions or of objects with method, path, and optionally body parameters.
Strings and regular expressions can be set at runtime via the CLI; otherwise the whitelist can be set in your bPanel's config.js.
NOTE: The whitelist only applies to requests made to a node via the clients endpoints.
EXAMPLE: This will only allow calls to your node for the wallets, getting node info, and RPC calls to get peer info and get blocks (e.g. for recent blocks and the peers widget). This will, for example, block a request to stop your node.
module.exports = {
  plugins: ['bpanel-whitelist'],
  whitelist: [
    {
      method: 'ALL',
      path: 'wallet',
    },
    {
      method: 'GET',
      path: 'node',
    },
    {
      method: 'POST',
      path: 'node',
      body: {
        method: /getpeer\w+|(getblock)\w+/,
      },
    },
  ],
};
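To check a whitelist against the requests your panel actually makes before relying on it, the added sketch below (not code from bpanel-whitelist) evaluates the example rules over constructed sample requests and lists the ones that would receive a 403. The matching semantics, the helper names `matches`, `isAllowed` and `blocked`, and the sample paths are assumptions, since the page does not say how the plugin compares paths and bodies.

```javascript
// Added sketch, not bpanel-whitelist source. ASSUMED semantics: a rule's
// path is compared with the first segment of the request path, regexes use
// RegExp.test (unanchored), and every key in rule.body must match.
const whitelist = [
  { method: 'ALL', path: 'wallet' },
  { method: 'GET', path: 'node' },
  { method: 'POST', path: 'node', body: { method: /getpeer\w+|(getblock)\w+/ } },
];

// Compare one rule value (string or RegExp) with a request value.
function matches(rule, value) {
  if (typeof value !== 'string') return false;
  return rule instanceof RegExp ? rule.test(value) : rule === value;
}

// True when at least one whitelist entry covers the request.
function isAllowed(list, req) {
  const segment = req.path.split('/').filter(Boolean)[0];
  return list.some((rule) => {
    if (typeof rule === 'string' || rule instanceof RegExp) {
      return matches(rule, segment);
    }
    if (rule.method !== 'ALL' && rule.method !== req.method) return false;
    if (!matches(rule.path, segment)) return false;
    const body = req.body || {};
    return Object.entries(rule.body || {}).every(([k, want]) => matches(want, body[k]));
  });
}

// Constructed sample requests (paths relative to the clients endpoint).
const samples = [
  { method: 'GET', path: 'wallet/primary/balance' },
  { method: 'GET', path: 'node' },
  { method: 'POST', path: 'node', body: { method: 'getpeerinfo' } },
  { method: 'POST', path: 'node', body: { method: 'getblockcount' } },
  { method: 'POST', path: 'node', body: { method: 'getblock' } },
  { method: 'POST', path: 'node', body: { method: 'stop' } },
  { method: 'POST', path: 'node' },
];

// Label each request that would get a 403 as 'METHOD path rpc-method'.
function blocked(list, reqs) {
  return reqs
    .filter((r) => !isAllowed(list, r))
    .map((r) => [r.method, r.path, r.body ? r.body.method : '-'].join(' '));
}

console.log(blocked(whitelist, samples));
```

Under these assumptions the bare `getblock` call is blocked along with `stop`, because the pattern `(getblock)\w+` requires at least one character after `getblock`.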
whitelist-enabled
There is an optional config to enable/disable the whitelist. It will automatically be disabled if there is no whitelist config. If this is set to false, then all non-blacklisted endpoints will be re-enabled.
Debug mode
If you are having a problem with another plugin and want to see if a particular endpoint needs to be whitelisted, you can set log-level to debug mode. This will log any requests that are being blocked so that you can add them to your whitelist if desired.