Introduction

Scanners and hackers are rife in the internet and you may find your system logs full of attempts to hack your website. For instance, to check for WordPress or ASP.NET, or an administrator back door.

There are tools which can help you secure your website but these normally scan through log files to determine whether an IP address should be banned and require manual configuration. And, of course, this approach only works after an attacker has got at least one successful HTTP response.

Phoenix provides an elegant solution using its Plug mechanism to analyse HTTP requests and take immediate action. I will show how to set up Linux firewall rules and add a Phoenix module plug to your endpoint to ban hostile IP addresses.

As a cautionary note, be very careful when testing this method from the IP address you normally use to access your website host, as you may find yourself blocked.