Allow or block requests by IP address

[Kaliumhexacyanoferrat]

As the operator of a web application, I would like to restrict access to a known set of IP addresses so that unauthorized access is blocked.

Example

var content = Layout.Create(...);

var response = Content.From(Resource.FromString("Don't you dare"));

var access = Access.Create()
                   .Rule(AccessRule.BlockIP("91.8.20.0", response))
                   .Rule(AccessRule.BlockIPs(...))
                   .Rule(AccessRule.AllowIP(...));

content.Add(access);

Acceptance criteria

• The functionality is implemented as a concern in the security module
• Requests can be blocked (blacklist) or allowed (whitelist) by IP address (or range)
• The handler returns the given content alongside with a AccessDenied status code if the request is blocked
• If no content is given, a default error page is rendered to inform the user
• The framework is open for additional access rules in the future (e.g. geoblocking, behavior-based, ...)
• Acceptance tests are written for this functionality