WarpBox Security

Manual controlsadmin actions
Ban duration, whitelist rules and trusted proxies are managed in Settings - Security.
Recent alerts{{ len .Alerts }} total
    Active bans{{ len .Bans }} active bans
    IP Status Ban expires (UTC)

    No IP selected

    • Risk: -
    • Threat: -
    • Geo: GeoIP not enabled yet
    • ASN: GeoIP not enabled yet
    • Ban until: -
    • Why banned: -
    Recent security activity{{ len .Events }} rows
    Time Kind Severity IP Path Message
    Security Runbookops quick reference

    Reverse Proxy and Trusted CIDRs

    Set WARPBOX_TRUSTED_PROXY_CIDRS to the CIDRs of your proxy nodes only. WarpBox will trust forwarding headers only when the direct remote IP is in this list.

    Caddyfile
:443 {
  reverse_proxy 127.0.0.1:8080 {
    header_up X-Forwarded-For {http.request.remote.host}
    header_up X-Real-IP {http.request.remote.host}
  }
}

    Ban / Unban Safety

    Use custom ban durations only for active incidents. Prefer temporary bans. Review the "why banned" detail before unbanning to avoid immediate re-abuse.

    Tuning Guidance

    Low traffic: lower security_*_max_attempts. High traffic: increase windows and attempt thresholds gradually, then monitor alerts/activity for false positives.

    GeoIP Guide (planned)

    For geoip2fast, keep lookups async-safe with a single loaded database, add a short timeout per lookup, cache by IP with TTL, and degrade gracefully to "unknown" on failures. Start with security detail pane only, then aggregate stats later.