Sign Up for Free

RunKit +

Try any Node.js package right in your browser

This is a playground to test code. It runs a full Node.js environment and already has all of npm’s 400,000 packages pre-installed, including express-blacklist with all npm packages installed. Try it out:

var expressBlacklist = require("express-blacklist")

This service is provided by RunKit and is not affiliated with npm, Inc or the package authors.

express-blacklist v1.0.3

Express middleware that rejects requests listed on blacklist

express-blacklist

NodeJS Express middleware that rejects incoming traffic from a pre-defined source (blacklist file)

Usage

$ npm install express-blacklist

Setting up your express server with express-blacklist support

var blacklist = require('express-blacklist');

app.use(blacklist.blockRequests('blacklist.txt'));

blacklist.txt should look like this (list of IP addresses):

192.168.1.200
192.168.17.193
192.168.65.76
192.168.232.89

Integrate express-blacklist with express-defend

You might want to do this if you want to detect and reject malicious traffic on your site, when an attacker tries to find XSS or Path traversal security issues on your site.

var expressDefend = require('express-defend');
var blacklist = require('express-blacklist');

app.use(blacklist.blockRequests('blacklist.txt'));
app.use(expressDefend.protect({ 
    maxAttempts: 5, 
    dropSuspiciousRequest: true, 
    logFile: 'suspicious.log', 
    onMaxAttemptsReached: function(ipAddress, url){
        blacklist.addAddress(ipAddress);
    } 
}));
RunKit is a free, in-browser JavaScript dev environment for prototyping Node.js code, with every npm package installed. Sign up to share your code.
Sign Up for Free