Cannot ban myself...! (Django Project)

1

Hello,

I’ve been playing around with django bouncer.

I installed the “pycrowdsec” package and followed instructions as suggested here.

I added my IP to the banned list but I cannot get it running…

Any ideas? Thanks …

2

Since username is the same, I guess its the same user as discord post

TLDR; the pycrowdsec middleware uses request.META.get('REMOTE_ADDR') , however, if you have an upstream proxy you must ensure the remote_addr is being set correctly by django

3

Hi Loz,
Yes, I’m him…
I’ve got it running as expected. Thank you for directing me to the right path.

I’m noting down what I’ve done for the record:

1) I’ve created “cloudflare_ips.conf” in /etc/nginx/conf.d/. Make sure this directory is included in /etc/nginx/nginx.conf as " /etc/nginx/conf.d/.*.conf".

cloudflare_ips.conf:

- IPv4

set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/13;
set_real_ip_from 104.24.0.0/14;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 131.0.72.0/22;

- IPv6

set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2a06:98c0::/29;
set_real_ip_from 2c0f:f248::/32;

real_ip_header X-Forwarded-For;
real_ip_recursive on;

NOTE: ideally set a cronjob to update these Cloudflare IP’s periodically.

2) In Nginx conf file (I did it in site specific conf to stay focused), I added:
proxy_set_header X-Forwarded-For $remote_addr;

NOTE: Even though this line seems redundant (I commented out this line and “pycrowdsec” still worked for me without problem), I’m keeping it there anyway.

3) In Django project’s settings.py file, I added:
PYCROWDSEC_REQUEST_TRANSFORMERS = [lambda request: request.META.get(“HTTP_X_FORWARDED_FOR”).split(‘,’)[0] if request.META.get(“HTTP_X_FORWARDED_FOR”) else request.META.get(‘REMOTE_ADDR’)]

NOTE: This is for a site sitting behind Cloudlfare. “pycrowdsec middleware” defaults to “request.META.get(‘REMOTE_ADDR’)”.
So, we need to override this default behavior by adding the “PYCROWDSEC_REQUEST_TRANSFORMERS” in settings.py file. Otherwise, pycrowdsec sees Cloudflare IPs, not the visitor’s real IP…!

1 Like