Redis-backed real-time IP risk assessment engine that automatically identifies and blocks malicious requests through dynamic scoring and multi-dimensional behavior analysis
go get github.com/pardnchiu/golang-ip-sentry· Documentation
Execute risk calculations across four dimensions simultaneously — basic correlation, geolocation, behavior patterns, and device fingerprinting — then merge weighted results into a 0–100 risk score. Automatically trigger rate limiting or blocking when scores exceed thresholds, responding to threats in real time without manual intervention.
Integrate MaxMind GeoLite2 databases to track connection geography, detecting impossible travel speeds, cross-country hopping, and frequent city switching. Leverage Redis-cached query results to achieve precise location-based risk assessment without sacrificing performance.
Provide Allow, Block, and Deny tiers to handle access policies of varying severity. Block employs exponentially increasing durations, automatically escalating to permanent Deny with email notification once a threshold is reached, while synchronizing state to both Redis and local files for data persistence.
graph TB
REQ[HTTP Request] --> MW[Middleware]
MW --> CHK[Check]
CHK --> ALLOW{Allow?}
ALLOW -->|Trust| PASS[Pass]
ALLOW -->|Deny/Block| REJECT[Reject]
ALLOW -->|Unknown| SCORE[Dynamic Score]
SCORE --> B[Basic]
SCORE --> G[Geo]
SCORE --> BH[Behavior]
SCORE --> FP[Fingerprint]
B & G & BH & FP --> MERGE[Merge Score]
MERGE -->|≥100| BLK[Block IP]
MERGE -->|< threshold| PASS
BLK -->|Count ≥ N| DEN[Deny IP + Email]
golang-ip-guardian/
├── instance.go # Initialization and main check flow
├── score.go # Dynamic risk scoring engine
├── geo.go # GeoLite2 geolocation detection
├── device.go # Device identification and fingerprinting
├── middleware.go # Gin / net/http middleware
├── allow.go # Allowlist management
├── block.go # Block management (exponential backoff)
├── deny.go # Denylist management (with email notification)
├── type.go # Type and constant definitions
├── test/ # Test files and data
├── go.mod
└── LICENSE
This project is licensed under the MIT LICENSE.
©️ 2025 邱敬幃 Pardn Chiu