This plugin is a middleware for Traefik that can be used to detect and block malicious requests which base on the Safeline engine.
For a plugin to be active for a given Traefik instance, it must be declared in the static configuration.
Plugins are parsed and loaded exclusively during startup, which allows Traefik to check the integrity of the code and catch errors early on. If an error occurs during loading, the plugin is disabled.
For security reasons, it is not possible to start a new plugin or modify an existing one while Traefik is running.
Once loaded, middleware plugins behave exactly like statically compiled middlewares. Their instantiation and behavior are driven by the dynamic configuration.
Plugin dependencies must be vendored for each plugin. Vendored packages should be included in the plugin's GitHub repository. (Go modules are not supported.)
For each plugin, the Traefik static configuration must define the module name (as is usual for Go packages).
The following declaration (given here in YAML) defines a plugin:
# Static configuration
experimental:
plugins:
safeline:
moduleName: github.com/chaitin/traefik-safeline
version: v1.0.0Here is an example of a file provider dynamic configuration (given here in YAML), where the interesting part is the http.middlewares section:
# Dynamic configuration
http:
routers:
my-router:
rule: host(`demo.localhost`)
service: service-foo
entryPoints:
- web
middlewares:
- chaitin
services:
service-foo:
loadBalancer:
servers:
- url: http://127.0.0.1:5000
middlewares:
chaitin:
plugin:
safeline:
addr: safeline-detector.safeline:8000