Django security app - IP/email/country blocking, rate limiting, login tracking, auto-blocking
Project description
Yes, the package README needs to be updated. Let me create a proper one for nai-security:
Set-Content -Path "D:\NAI_Project\nai-security\README.md" -Value @"
# NAI Security
Django security package for IP blocking, country blocking, email blocking, rate limiting, and login tracking.
## Features
- **IP Blocking** - Block specific IPs manually or automatically
- **Country Blocking** - Block/allow countries using GeoIP
- **Email Blocking** - Block disposable emails and specific addresses
- **Domain Blocking** - Block email domains (disposable, spam, etc.)
- **User Agent Blocking** - Block bots, scrapers, attack tools
- **Rate Limiting** - Custom rate limit rules per endpoint
- **Login History** - Track user logins with anomaly detection
- **Auto-Blocking** - Automatically block IPs/countries based on attack patterns
- **Security Logs** - Comprehensive logging of all security events
- ✅ **Dynamic Login Attempt Limits** - Configurable max login attempts via admin panel (integrates with django-axes)
## Installation
``````bash
pip install git+https://github.com/nematiai/nai-security.git
Or add to requirements.txt:
git+https://github.com/nematiai/nai-security.git@main#egg=nai-security
Quick Start
1. Add to INSTALLED_APPS
INSTALLED_APPS = [
...
"nai_security",
]
2. Add Middleware
MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware",
...
"nai_security.middleware.SecurityMiddleware", # After SecurityMiddleware
...
"nai_security.middleware.RateLimitLoggingMiddleware", # Near the end
]
3. Configure Settings
# GeoIP database path
GEOIP_PATH = "/path/to/GeoLite2-Country.mmdb"
# Optional: Enable/disable middleware
SECURITY_MIDDLEWARE_ENABLED = True
RATELIMIT_MIDDLEWARE_ENABLED = True
4. Run Migrations
python manage.py makemigrations nai_security
python manage.py migrate
5. Download GeoIP Database
python manage.py download_geoip
Dependencies
Required:
- Django >= 4.2
- geoip2 >= 4.0
- redis >= 4.0
Optional:
- django-axes >= 6.0 (login attempt tracking)
- django-ratelimit >= 4.0 (rate limiting)
- django-import-export >= 3.0 (admin import/export)
- django-unfold >= 0.10 (admin theme)
Install all optional dependencies:
pip install nai-security[all]
Environment Variables
| Variable | Default | Description |
|---|---|---|
GEOIP_PATH |
./geoip/GeoLite2-Country.mmdb |
Path to GeoIP database |
SECURITY_MIDDLEWARE_ENABLED |
True |
Enable security middleware |
RATELIMIT_MIDDLEWARE_ENABLED |
True |
Enable rate limit logging |
Management Commands
# Download GeoIP database
python manage.py download_geoip
# Sync disposable email domains and bad bot lists
python manage.py sync_security_lists
python manage.py sync_security_lists --domains-only
python manage.py sync_security_lists --bots-only
Celery Tasks
Add to your Celery beat schedule:
CELERY_BEAT_SCHEDULE = {
'security-auto-blocks': {
'task': 'security.process_auto_blocks',
'schedule': crontab(minute='*/5'), # Every 5 minutes
},
'security-cleanup-expired': {
'task': 'security.cleanup_expired_blocks',
'schedule': crontab(minute=0, hour='*'), # Every hour
},
'security-sync-lists': {
'task': 'security.sync_security_lists',
'schedule': crontab(minute=0, hour=0, day_of_week=0), # Weekly
},
'security-daily-report': {
'task': 'security.generate_security_report',
'schedule': crontab(minute=0, hour=6), # Daily at 6 AM
},
}
Models
| Model | Description |
|---|---|
BlockedIP |
Blocked IP addresses |
BlockedCountry |
Blocked countries |
AllowedCountry |
Allowed countries (whitelist mode) |
BlockedEmail |
Blocked email addresses |
BlockedDomain |
Blocked email domains |
BlockedUserAgent |
Blocked user agents |
WhitelistedIP |
IPs that bypass all checks |
RateLimitRule |
Custom rate limit rules |
LoginHistory |
User login tracking |
SecurityLog |
Security event logs |
SecuritySettings |
Global settings (singleton) |
Axes Integration
To enable dynamic login attempt control:
# settings.py
AXES_HANDLER = 'nai_security.handlers.DynamicAxesHandler'
Now admins can change the lockout threshold in real-time via the Security Settings admin panel.
License
MIT License
Author
Ali Nemati - NEMATI AI "@
This README provides a comprehensive overview of the `nai-security` package, including its features, installation instructions, configuration, dependencies, and more. You can further customize it as needed.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
nai_security-1.3.0.tar.gz
(27.8 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file nai_security-1.3.0.tar.gz.
File metadata
- Download URL: nai_security-1.3.0.tar.gz
- Upload date:
- Size: 27.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
01d276e95e9ce51161d58b9e57db82d926d3e44194334469274d9d1880a5006c
|
|
| MD5 |
caceab34213a0dd30dfac980ac0df97e
|
|
| BLAKE2b-256 |
2cef84f0c2413e997ad3c31e42862a4e6c6b6f1e3854e1827ba7d652e1eec6f7
|
File details
Details for the file nai_security-1.3.0-py3-none-any.whl.
File metadata
- Download URL: nai_security-1.3.0-py3-none-any.whl
- Upload date:
- Size: 38.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3a53960216fd7f11931f098dfea0134798273110c0ffc550dae8c876526d2771
|
|
| MD5 |
abbaf847eba2d68d62b88d6aeba5fbf0
|
|
| BLAKE2b-256 |
5544ec2e31dfbff2a9496ea7c799ffb28b039609e931f0190126212c9cc57433
|
