Nirikshan

A declarative Cloud firewall reverse proxy solution with inbuilt DDoS protection and alerting mechanism to protect your servers and keeping an eye on those malicious requests

🤔 What is Nirikshan?

Nirikshan is an cloud firewall reverse proxy with an inbuilt ddos prevention and alerting solution. Does that sound complex? Let's break it down.

Cloud: A system/server that is sitting on the cloud
Firewall: A system that denies/allows a packet based on some instruction and conditional logic
Reverse Proxy: A system that sits in-front of your actual server and forward the request to your actual server safely
DDoS Protection: A system that detects DDoS and contains the attack
Alerting: A system that someone notifies you when it has detected that something has gone wrong

Nirikshan is a combination of all these! Yes, you read that right.

Imagine you wanted to block people using iPhone to access your server, or people using Chrome or accessing from IPs of specific location. You can do that all with Nirikshan!

To top it off, there is an inbuilt ddos and rate-limiting mechanism, so if anything suspcious occurs, the Nirikshan Telegram bot will immedietly alert you with all the details after which you can use the companion Nirikshan Rekon App to monitor and take action.

What are the major advantages of using Nirikshan?

Declarative security policies using YAML
Has an companion App that you can use to monitor the requests
Has an Telegram Bot that will immedieatly alert you if something goes wrong

What are some upcoming features?

Promethues and Grafana support for better analysis
Packet analysis to ensure no secrets are being leaked
Slack and Discord support

💻 Usage

Why is Nirikshan required?

With Nirikshan you can do the following:

Block any OS(s)from accessing your server
Block any specific browsers from accessing your server
Block any device type from accessing your server
Block all requests for specific time in a day (eg: 11PM-12PM)
Blacklist IP addresses from accesing your server
Block specific routes dynamically to contain violations
Rate limit and ddos protect your server
Monitor all the requests to your server
Analyse and dynamically apply security policies on the fly
Get notified for any sort of policy violation events

With this level of granularity you have full access to the networking from outside world to your server which are sending requests.

⬇ Installation

Go to Telegram and interact with the Nirikshan Bot here
Send the command /getid to get your chat ID
Now clone the repository using the following command

git clone https://github.com/Shastram/nirikshan

Writting Security Policies

Open the file config.yaml and write the security policies you wish to write, to add multiple site, just copy the siteData node and populate it with your own values

nirikshanVersion: 1.0.0
siteConfigs:
  - siteData:
      siteName: "google" # The name of the route
      forwardingUrl: "https://google.com" # Where the request should be forward
      blockedOs:
        - "iOS" # Add multiple operating systems you wish to block
      blockedBrowser:
        - "Chrome" # Add multiple browsers you wish to block
      blockedDevice:
        - "iPhone"
      blockedOSVersion:
        - "15.1" # Add multiple browsers you wish to block
      blockedLocations:
        - "/create" # You can also block specific path routes
      blockedIPs:
        - "192.168.1.2" # Blacklisted IP addresses
        - "192.168.4.1"

Setting up via Docker Compose

Nirikshan uses the following databases:

redis, for ddos detection mechanism
mongodb, for dbms purposes

You can efforlessly run Nirikshan with one command.

Simple run the following command:

docker-compose up

Ensure to replace the TELEGRAM_BOT_TOKEN and TELEGRAM_USER obtained before cloning the repository in the docker-compose.yaml file.

environment:
  - JWT_SECRET=nirikshan
  - DB_SERVER=mongodb://mongo:27017
  - DB_USER=root
  - DB_PASSWORD=toor
  - REDIS_SERVER=redis:6379
  - TELEGRAM_BOT_TOKEN=123 # add your telegram bot token here
  - TELEGRAM_USER=123 # add your telegram user id here from the bot

Setup Manually

Make sure you setup MongoDB and Redis and have thier URLs.

Populate your environment variables with the following

JWT_SECRET=nirikshan
DB_SERVER=mongodb://mongo:27017
DB_USER=root
DB_PASSWORD=toor
REDIS_SERVER=redis:6379
TELEGRAM_BOT_TOKEN=123 # add your telegram bot token here
TELEGRAM_USER=123 # add your telegram user id here from the bot

Run the server using the following command from the root of the project
```
go run api/main.go
```

NOTE: Make sure to use the Nirikshan Rekon App to monitor all the logs on the fly!

🛠 Architecture and Structure

⭐ Show your support

Give a ⭐ if you liked this project!

Spread the word to your fellows to safeguard your API's!

🤝 Contributions

Feel Free to Open a PR/Issue for any feature or bug(s).
Make sure you follow the community guidelines!
Feel free to open an issue to ask a question/discuss anything about nirikshan.
Have a feature request? Open an Issue!

⚖ License

Licensed under MIT License : https://opensource.org/licenses/MIT

Made with ❤ and multiple cups of coffee

Shastram / nirikshan