config&http: allow blocking websocket connections from the specified hosts

Signed-off-by: Yonle <yonle@lecturify.net>
2025-09-20 06:30:37 +02:00 · 2024-02-18 20:07:46 +07:00
parent b75f22a105
commit c66d158a76
2 changed files with 11 additions and 0 deletions
--- a/config.js.example
+++ b/config.js.example
@@ -89,6 +89,15 @@ module.exports = {
    // ....
  ],

+  // Block incomming websocket connections from the following hosts.
+  blocked_hosts: [
+    // "127.0.0.1",
+    // "127.0.0.2",
+    // "::1",
+    // "::2",
+    // ....
+  ],
+
  // Used for accessing NIP-42 protected events from certain relays.
  // It could be your key. Leaving this empty completely disables NIP-42 function.
  //
--- a/http.js
+++ b/http.js
@@ -89,6 +89,8 @@ server.on('upgrade', (req, sock, head) => {
  }

  const ip = req.headers["x-forwarded-for"]?.split(",")[0] || sock.address()?.address;
+
+  if (config.blocked_hosts && config.blocked_hosts.includes(ip)) return sock.destroy();
  const lv = lastConn.get(ip) // last visit
  if (config.incomming_ratelimit && (config.incomming_ratelimit > (Date.now() - lv))) {
    log(`Rejected connection from ${ip} as the last connection was ${Date.now() - lv} ms ago.`);