The Security page provides a comprehensive view of your system's security status, including blocked IPs, security events, and protected routes.
Security Overview
The main dashboard shows key security metrics at a glance:
- Blocked IPs — Current number of blocked IP addresses
- Events Today — Security events in the last 24 hours
- Protected Routes — Number of configured protected routes
- Whitelist Entries — IPs/ranges excluded from security checks
Security Events
The Events tab shows all recorded security events. Each event includes:
- Timestamp — When the event occurred
- Event Type — Type of security event
- Source IP — Originating IP address
- Path — Requested URL path
- Deployment — Affected deployment (if applicable)
- Details — Additional event information
Event Types
| Type | Description |
|---|---|
| Blocked IP | Request from a blocked IP address |
| Rate Limited | IP exceeded request rate limit |
| Auth Failed | Failed authentication attempt |
| Suspicious | Suspicious request pattern detected |
| Scan Detected | Vulnerability scan detected |
Filtering Events
Use the filter bar to narrow down events:
- Date Range — Select a time period
- Event Type — Filter by specific event types
- Source IP — Search for specific IP addresses
- Deployment — Filter by deployment
Blocked IPs
The Blocked IPs tab shows all currently blocked IP addresses.
Blocking an IP
- Click "Block IP" button
- Enter the IP address
- Optionally add a reason
- Set block duration (or permanent)
- Click "Block"
Unblocking an IP
- Find the IP in the blocked list
- Click the unblock icon (🔓)
- Confirm the action
Viewing IP Details
Click on an IP address to see all security events associated with it:
- Total events count
- Event timeline
- Targeted paths
- Affected deployments
Protected Routes
Protect sensitive paths with authentication requirements.
Creating a Protected Route
- Go to the Protected Routes tab
- Click "Add Route"
- Configure the route:
- Path — URL path to protect (e.g.,
/admin) - Method — HTTP method (GET, POST, ALL)
- Auth Type — Basic auth or Bearer token
- Credentials — Username/password or token
- Deployment — Limit to specific deployment (optional)
- Path — URL path to protect (e.g.,
- Click "Save"
/admin/* protects all paths under /admin.
Editing Protected Routes
Click on a route to edit its configuration or delete it.
Whitelist Management
Whitelisted IPs, CIDR ranges, or paths bypass all security checks.
Adding Whitelist Entries
- Go to the Whitelist tab
- Click "Add Entry"
- Select entry type:
- IP — Single IP address
- CIDR — IP range (e.g.,
10.0.0.0/8) - Path — URL path pattern
- Enter the value
- Add a description (optional)
- Click "Add"
Common Whitelist Examples
10.0.0.0/8— Internal network192.168.1.0/24— Local subnet/health— Health check endpoint/.well-known/*— ACME challenges
Real-time Capture
Enable real-time capture to view all incoming requests live. This is useful for debugging but should only be used temporarily.
- Go to Settings → Real-time Capture
- Toggle "Enable Capture"
- Watch requests appear in real-time
- Disable when done
Security Statistics
The Stats section provides aggregated security data:
- Events by Type — Breakdown of event categories
- Top Offending IPs — IPs with most events
- Targeted Paths — Most frequently attacked paths
- Timeline — Events over time chart
Deployment Security
Configure security settings per deployment from the deployment detail page:
- Navigate to the deployment
- Go to the Security tab
- Configure deployment-specific settings:
- Custom rate limits
- Allowed IP ranges
- Blocked paths
Event Cleanup
Old security events are automatically cleaned up based on retention settings. To manually trigger cleanup:
- Go to Settings → Maintenance
- Click "Cleanup Events"
- Select retention period
- Confirm
Keyboard Shortcuts
| Shortcut | Action |
|---|---|
b | Open block IP dialog |
r | Refresh events |
/ | Focus search |