4 Repos
Access control mechanisms where permissions are determined by executing custom scripts against request metadata.
Distinct from Identity-Based Access Control: Distinct from Identity-Based Access Control by focusing on the programmable logic used to evaluate access rather than just the identity provider.
Explore 4 awesome GitHub repositories matching security & cryptography · Scriptable Access Controls. Refine with filters or upvote what's useful.
Not-paid is a client payment protection tool and website access control script designed to discourage non-payment by progressively reducing the visibility of a delivered website. It functions as a CSS opacity payment enforcer that renders a site increasingly transparent based on a predefined payment due date. The tool applies a visual penalty to a website to pressure non-paying clients into completing payments or recovering outstanding debts. It achieves this by gradually decreasing the opacity of the page body over a set period until the site becomes invisible.
Employs a frontend script to render the site increasingly transparent based on a payment due date.
This project is an NGINX module that embeds the Lua scripting language directly into the server environment. It functions as a request processor and response filter, enabling the execution of scripts to handle HTTP requests, generate dynamic content, and manage server behavior without external application calls. The module provides a shared memory dictionary and cache manager, allowing data to be stored and retrieved across all active worker processes. This capability supports the collection of high-performance server metrics and the synchronization of information across concurrent processes.
Implements programmable access control that validates client identity and request metadata via Lua scripts to permit or block traffic.
This is a Node.js middleware for Express and Node.js servers that manages Cross-Origin Resource Sharing policies. It functions as a policy manager and origin validator to define which origins, HTTP methods, and headers are permitted to access server resources. The project provides mechanisms for dynamic origin validation, allowing request origins to be checked against custom logic or databases. It also acts as an HTTP preflight request handler to process OPTIONS requests and verify server permissions before complex cross-site interactions occur. Its capability surface covers the management o
Implements programmable logic to evaluate whether a specific incoming request origin should be granted access.
VeryNginx ist eine Lua-basierte Nginx-Erweiterung und eine programmierbare Web Application Firewall (WAF). Sie bietet ein Management-Kontrollpanel und ein Dashboard zur Verkehrsüberwachung, um Servereinstellungen zu konfigurieren und Anfragestatistiken zu analysieren, ohne manuelle Änderungen an Konfigurationsdateien vornehmen zu müssen. Das Projekt implementiert eine programmierbare Sicherheitsschicht, um bösartigen Datenverkehr zu filtern und gängige Webangriffe wie SQL-Injection und Directory-Traversal zu blockieren. Es enthält Tools zur Einschränkung von Bot-Traffic durch Request-Rate-Limiting und Browser-Identitätsprüfung. Das System deckt Verkehrsmanagement via URI-Routing und -Umleitung sowie Echtzeit-Observability ab. Dies umfasst das Monitoring der Servergesundheit, die Analyse des Netzwerkverkehrs sowie die Aggregation von Performance-Metriken und Statuscode-Verteilungen pro eindeutiger Ressource.
Enforces rate limits and validates browser identities using custom programmable logic before requests reach the backend.