+
+
+
<%= link_to "Rule ##{rule.id}", rule_path(rule), class: "text-blue-600 hover:text-blue-900" %>
-
- <%= rule.source.humanize %>
- <% if rule.network_range? && rule.network_range %>
- • <%= link_to rule.network_range.cidr, network_range_path(rule.network_range), class: "text-blue-600 hover:text-blue-900" %>
- <% end %>
-
+
+
+ <% if rule.waf_policy.present? %>
+
+
Policy
+
+ <%= link_to rule.waf_policy.name, waf_policy_path(rule.waf_policy), class: "text-blue-600 hover:text-blue-900" %>
+
+
+ <% end %>
+
+
+ <% if rule.network_range? && rule.network_range %>
+
+
IP network
+
+ <%= link_to rule.network_range.cidr, network_range_path(rule.network_range), class: "text-blue-600 hover:text-blue-900" %>
+ <% if rule.network_range.company.present? %>
+
<%= rule.network_range.company %>
+ <% end %>
+
+
+ <% elsif rule.conditions.present? && rule.conditions&.dig('cidr').present? %>
+
+
IP network
+
+ <%= rule.conditions['cidr'] %>
+
+
+ <% end %>
- <%= rule.rule_type.humanize %>
+ <%= rule.waf_rule_type.humanize %>
- <%= rule.action.upcase %>
+ <%= rule.waf_action.upcase %>
-
- <% if rule.network_range? && rule.network_range %>
- <%= rule.network_range.cidr %>
- <% if rule.network_range.company.present? %>
- <%= rule.network_range.company %>
- <% end %>
- <% elsif rule.conditions.present? %>
-
- <%= JSON.parse(rule.conditions || "{}").map { |k, v| "#{k}: #{v}" }.join(", ") rescue "Invalid JSON" %>
+
+ <% event_count = rule.events.count %>
+ <% if event_count > 0 %>
+ <%= link_to number_with_delimiter(event_count), events_path(rule_id: rule.id), class: "text-blue-600 hover:text-blue-900 font-medium" %>
+
+ <%= rule.events.where(waf_action: :deny).count %> blocked
<% else %>
-
diff --git a/app/views/rules/new.html.erb b/app/views/rules/new.html.erb
index 34d7233..c591e1e 100644
--- a/app/views/rules/new.html.erb
+++ b/app/views/rules/new.html.erb
@@ -40,9 +40,9 @@
- <%= form.label :rule_type, "Rule Type", class: "block text-sm font-medium text-gray-700" %>
- <%= form.select :rule_type,
- options_for_select(@rule_types.map { |type| [type.humanize, type] }, @rule.rule_type),
+ <%= form.label :waf_rule_type, "Rule Type", class: "block text-sm font-medium text-gray-700" %>
+ <%= form.select :waf_rule_type,
+ options_for_select(@waf_rule_types.map { |type, _| [type.humanize, type] }, @rule.waf_rule_type),
{ prompt: "Select rule type" },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
id: "rule_type_select" } %>
@@ -50,9 +50,9 @@
- <%= form.label :action, "Action", class: "block text-sm font-medium text-gray-700" %>
- <%= form.select :action,
- options_for_select(@actions.map { |action| [action.humanize, action] }, @rule.action),
+ <%= form.label :waf_action, "Action", class: "block text-sm font-medium text-gray-700" %>
+ <%= form.select :waf_action,
+ options_for_select(@waf_actions.map { |action, _| [action.humanize, action] }, @rule.waf_action),
{ prompt: "Select action" },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" } %>
What action to take when this rule matches
@@ -113,13 +113,47 @@
-
+
+
+
+ <%= form.label :path_pattern, "Path Pattern", class: "block text-sm font-medium text-gray-700" %>
+ <%= text_field_tag :path_pattern, "",
+ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
+ placeholder: "/admin, /wp-login.php, /.env, /phpmyadmin",
+ id: "path_pattern_input" %>
+
Enter the path to match (e.g., /admin, /wp-login.php)
+
+
+
+ <%= form.label :match_type, "Match Type", class: "block text-sm font-medium text-gray-700" %>
+ <%= select_tag :match_type,
+ options_for_select([
+ ["Exact - Matches path exactly", "exact"],
+ ["Prefix - Matches path and subpaths (e.g., /admin matches /admin/users)", "prefix"],
+ ["Suffix - Matches paths ending with pattern (e.g., /.env matches /backup/.env)", "suffix"],
+ ["Contains - Matches paths containing pattern anywhere", "contains"]
+ ]),
+ { class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
+ id: "match_type_select" } %>
+
How the pattern should be matched against request paths
+
+
+
+
+
Example Matches:
+
+ Enter a pattern to see examples
+
+
+
+
+
<%= form.label :conditions, "Conditions", class: "block text-sm font-medium text-gray-700" %>
<%= form.text_area :conditions, rows: 4,
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
- placeholder: '{"path_pattern": "/admin/*", "user_agent": "bot*"}' %>
+ placeholder: '{"user_agent": "bot*"}' %>
JSON format with matching conditions
@@ -192,19 +226,83 @@ let selectedNetworkData = null;
document.addEventListener('DOMContentLoaded', function() {
const ruleTypeSelect = document.getElementById('rule_type_select');
const networkSection = document.getElementById('network_range_section');
+ const pathPatternSection = document.getElementById('path_pattern_section');
const conditionsSection = document.getElementById('conditions_section');
+ const pathPatternInput = document.getElementById('path_pattern_input');
+ const matchTypeSelect = document.getElementById('match_type_select');
function toggleSections() {
- if (ruleTypeSelect.value === 'network') {
+ const ruleType = ruleTypeSelect.value;
+
+ // Hide all sections first
+ networkSection.classList.add('hidden');
+ pathPatternSection.classList.add('hidden');
+ conditionsSection.classList.add('hidden');
+
+ // Show appropriate section
+ if (ruleType === 'network') {
networkSection.classList.remove('hidden');
- conditionsSection.classList.add('hidden');
+ } else if (ruleType === 'path_pattern') {
+ pathPatternSection.classList.remove('hidden');
} else {
- networkSection.classList.add('hidden');
conditionsSection.classList.remove('hidden');
}
}
+ function updatePathExamples() {
+ const pattern = pathPatternInput.value.trim();
+ const matchType = matchTypeSelect.value;
+ const exampleList = document.getElementById('example_list');
+
+ if (!pattern) {
+ exampleList.innerHTML = '
Enter a pattern to see examples ';
+ return;
+ }
+
+ let examples = [];
+ const cleanPattern = pattern.startsWith('/') ? pattern : '/' + pattern;
+
+ switch(matchType) {
+ case 'exact':
+ examples = [
+ `✓ ${cleanPattern}`,
+ `✗ ${cleanPattern}/users (extra segments)`,
+ `✗ /api${cleanPattern} (not at root)`
+ ];
+ break;
+ case 'prefix':
+ examples = [
+ `✓ ${cleanPattern}`,
+ `✓ ${cleanPattern}/users`,
+ `✓ ${cleanPattern}/dashboard/settings`,
+ `✗ /api${cleanPattern} (not at start)`
+ ];
+ break;
+ case 'suffix':
+ examples = [
+ `✓ ${cleanPattern}`,
+ `✓ /backup${cleanPattern}`,
+ `✓ /config/backup${cleanPattern}`,
+ `✗ ${cleanPattern}/test (extra at end)`
+ ];
+ break;
+ case 'contains':
+ examples = [
+ `✓ ${cleanPattern}`,
+ `✓ /api${cleanPattern}/users`,
+ `✓ /super/secret${cleanPattern}/panel`,
+ `✗ ${cleanPattern}tool (different segment)`
+ ];
+ break;
+ }
+
+ exampleList.innerHTML = examples.map(ex => `
${ex} `).join('');
+ }
+
ruleTypeSelect.addEventListener('change', toggleSections);
+ pathPatternInput.addEventListener('input', updatePathExamples);
+ matchTypeSelect.addEventListener('change', updatePathExamples);
+
toggleSections(); // Initial state
// Pre-select network range if provided
diff --git a/app/views/rules/show.html.erb b/app/views/rules/show.html.erb
index 810a19f..43687c9 100644
--- a/app/views/rules/show.html.erb
+++ b/app/views/rules/show.html.erb
@@ -1,4 +1,4 @@
-<% content_for :title, "Rule ##{@rule.id} - #{@rule.action.upcase}" %>
+<% content_for :title, "Rule ##{@rule.id} - #{@rule.waf_action.upcase}" %>
@@ -23,15 +23,16 @@
Rule #<%= @rule.id %>
- <%= @rule.action.upcase %>
+ <%= @rule.waf_action.upcase %>
@@ -60,12 +61,12 @@
Rule Type
- <%= @rule.rule_type.humanize %>
+ <%= @rule.waf_rule_type.humanize %>
Action
- <%= @rule.action.upcase %>
+ <%= @rule.waf_action.upcase %>
@@ -118,6 +119,38 @@
+
+
+
+
Event Statistics
+ <%= link_to "View Events", events_path(rule_id: @rule.id), class: "text-sm text-blue-600 hover:text-blue-800" %>
+
+
+
+
+
Total Events
+
<%= @rule.events.count %>
+
+
+
+
Blocked Events
+
<%= @rule.events.where(waf_action: :deny).count %>
+
+
+
+
Allowed Events
+
<%= @rule.events.where(waf_action: :allow).count %>
+
+
+
+ <% if @rule.events.any? %>
+
+ Last event: <%= time_ago_in_words(@rule.events.maximum(:timestamp)) %> ago
+
+ <% end %>
+
+
+
<% if @rule.network_rule? && @rule.network_range.present? %>
diff --git a/app/views/settings/index.html.erb b/app/views/settings/index.html.erb
new file mode 100644
index 0000000..9601fec
--- /dev/null
+++ b/app/views/settings/index.html.erb
@@ -0,0 +1,60 @@
+<% content_for :title, "Settings" %>
+
+
+
+
+
+
+
Settings
+
Manage system configuration and API keys
+
+
+
+
+
+
+
+
API Configuration
+
+
+
+ <%= form_with url: settings_path, method: :patch, class: "space-y-4" do |f| %>
+ <%= hidden_field_tag :key, 'ipapi_key' %>
+
+
+
+ ipapi.is API Key
+
+
+ <%= text_field_tag :value,
+ @settings['ipapi_key']&.value || ENV['IPAPI_KEY'],
+ class: "flex-1 min-w-0 block w-full px-3 py-2 rounded-md border-gray-300 focus:ring-blue-500 focus:border-blue-500 sm:text-sm",
+ placeholder: "Enter your ipapi.is API key" %>
+ <%= f.submit "Update", class: "ml-3 inline-flex items-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500" %>
+
+
+ <% if @settings['ipapi_key']&.value.present? %>
+ ✓ Configured in database
+ <% elsif ENV['IPAPI_KEY'].present? %>
+ Using environment variable (IPAPI_KEY)
+ <% else %>
+ ipapi.is not active
+ <% end %>
+
+
+ Get your API key from ipapi.is
+
+
+ <% end %>
+
+
+
+
+
+
+
+
Additional Settings
+
More configuration options will be added here as needed.
+
+
+
diff --git a/app/views/waf_policies/edit.html.erb b/app/views/waf_policies/edit.html.erb
index 229fda3..e651ba3 100644
--- a/app/views/waf_policies/edit.html.erb
+++ b/app/views/waf_policies/edit.html.erb
@@ -13,7 +13,7 @@
- <%= form_with(model: @waf_policy, local: true, class: "space-y-6") do |form| %>
+ <%= form_with(model: @waf_policy, local: true, class: "space-y-6", data: { controller: "waf-policy-form" }) do |form| %>
@@ -35,14 +35,14 @@
placeholder: "Explain why this policy is needed..." %>
-
+
- <%= form.label :action, "Action", class: "block text-sm font-medium text-gray-700" %>
- <%= form.select :action,
- options_for_select(@actions.map { |action| [action.humanize, action] }, @waf_policy.action),
+ <%= form.label :policy_action, "Policy Action", class: "block text-sm font-medium text-gray-700" %>
+ <%= form.select :policy_action,
+ options_for_select(@actions.map { |action| [action.humanize, action] }, @waf_policy.policy_action),
{ prompt: "Select action" },
{ class: "block w-full border-gray-300 rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500 sm:text-sm",
- id: "action-select" } %>
+ data: { "waf-policy-form-target": "policyActionSelect", "action": "change->waf-policy-form#updateActionConfig" } } %>
@@ -164,7 +164,7 @@
⚙️ Additional Configuration
-
+
<%= label_tag "additional_data[redirect_url]", "Redirect URL", class: "block text-sm font-medium text-gray-700" %>
<%= text_field_tag "additional_data[redirect_url]", @waf_policy.additional_data&.dig('redirect_url'),
@@ -180,7 +180,7 @@
-
+
<%= label_tag "additional_data[challenge_type]", "Challenge Type", class: "block text-sm font-medium text-gray-700" %>
<%= select_tag "additional_data[challenge_type]",
@@ -205,36 +205,4 @@
class: "inline-flex items-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500" %>
<% end %>
-
-
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/app/views/waf_policies/index.html.erb b/app/views/waf_policies/index.html.erb
index 5cce23f..ef7208c 100644
--- a/app/views/waf_policies/index.html.erb
+++ b/app/views/waf_policies/index.html.erb
@@ -85,7 +85,7 @@
Deny Policies
- <%= number_with_delimiter(@waf_policies.where(action: 'deny').count) %>
+ <%= number_with_delimiter(@waf_policies.where(policy_action: 'deny').count) %>
@@ -137,15 +137,15 @@
<% end %>
-
+
- <%= policy.action.upcase %>
+ <%= policy.policy_action.upcase %>
diff --git a/app/views/waf_policies/new.html.erb b/app/views/waf_policies/new.html.erb
index 4266abc..c67cb92 100644
--- a/app/views/waf_policies/new.html.erb
+++ b/app/views/waf_policies/new.html.erb
@@ -13,7 +13,7 @@
- <%= form_with(model: @waf_policy, local: true, class: "space-y-6") do |form| %>
+ <%= form_with(model: @waf_policy, local: true, class: "space-y-6", data: { controller: "waf-policy-form" }) do |form| %>
@@ -42,17 +42,17 @@
options_for_select(@policy_types.map { |type| [type.humanize, type] }, @waf_policy.policy_type),
{ prompt: "Select policy type" },
{ class: "block w-full border-gray-300 rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500 sm:text-sm",
- id: "policy-type-select" } %>
+ data: { "waf-policy-form-target": "policyTypeSelect", "action": "change->waf-policy-form#updateTargetsVisibility" } } %>
-
+
- <%= form.label :action, "Action", class: "block text-sm font-medium text-gray-700" %>
- <%= form.select :action,
- options_for_select(@actions.map { |action| [action.humanize, action] }, @waf_policy.action),
+ <%= form.label :policy_action, "Policy Action", class: "block text-sm font-medium text-gray-700" %>
+ <%= form.select :policy_action,
+ options_for_select(@actions.map { |action| [action.humanize, action] }, @waf_policy.policy_action),
{ prompt: "Select action" },
{ class: "block w-full border-gray-300 rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500 sm:text-sm",
- id: "action-select" } %>
+ data: { "waf-policy-form-target": "policyActionSelect", "action": "change->waf-policy-form#updateActionConfig" } } %>
@@ -63,7 +63,7 @@
🎯 Targets Configuration
-
+
<%= form.label :targets, "Countries", class: "block text-sm font-medium text-gray-700 mb-2" %>
-
+
<%= form.label :targets, "ASN Numbers", class: "block text-sm font-medium text-gray-700" %>
<%= text_field_tag "waf_policy[targets][]", nil,
class: "block w-full border-gray-300 rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500 sm:text-sm",
@@ -88,7 +88,7 @@
-
+
<%= form.label :targets, "Companies", class: "block text-sm font-medium text-gray-700" %>
<%= text_field_tag "waf_policy[targets][]", nil,
class: "block w-full border-gray-300 rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500 sm:text-sm",
@@ -97,7 +97,7 @@
-
+
<%= form.label :targets, "Network Types", class: "block text-sm font-medium text-gray-700" %>
@@ -123,7 +123,7 @@
⚙️ Additional Configuration
-
+
<%= label_tag "additional_data[redirect_url]", "Redirect URL", class: "block text-sm font-medium text-gray-700" %>
<%= text_field_tag "additional_data[redirect_url]", nil,
@@ -139,7 +139,7 @@
-
+
<%= label_tag "additional_data[challenge_type]", "Challenge Type", class: "block text-sm font-medium text-gray-700" %>
<%= select_tag "additional_data[challenge_type]",
@@ -178,63 +178,4 @@
class: "inline-flex items-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500" %>
<% end %>
-
-
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/app/views/waf_policies/new_country.html.erb b/app/views/waf_policies/new_country.html.erb
index 952dca7..3831de0 100644
--- a/app/views/waf_policies/new_country.html.erb
+++ b/app/views/waf_policies/new_country.html.erb
@@ -14,6 +14,31 @@
<%= form_with(url: create_country_waf_policies_path, method: :post, local: true, class: "space-y-6") do |form| %>
+
+ <% if defined?(@waf_policy) && @waf_policy&.errors&.any? %>
+
+
+
+
+
+ <%= pluralize(@waf_policy.errors.count, "error") %> prohibited this policy from being saved:
+
+
+
+ <% @waf_policy.errors.full_messages.each do |message| %>
+ <%= message %>
+ <% end %>
+
+
+
+
+
+ <% end %>
+
@@ -67,28 +92,28 @@
- <%= form.label :action, "What should happen to traffic from selected countries?", class: "block text-sm font-medium text-gray-700" %>
+ <%= form.label :policy_action, "What should happen to traffic from selected countries?", class: "block text-sm font-medium text-gray-700" %>
- <%= radio_button_tag "action", "deny", true, class: "h-4 w-4 text-blue-600 focus:ring-blue-500 border-gray-300" %>
+ <%= radio_button_tag "policy_action", "deny", true, class: "h-4 w-4 text-blue-600 focus:ring-blue-500 border-gray-300" %>
🚫 Block (Deny) - Show 403 Forbidden error
- <%= radio_button_tag "action", "challenge", false, class: "h-4 w-4 text-blue-600 focus:ring-blue-500 border-gray-300" %>
+ <%= radio_button_tag "policy_action", "challenge", false, class: "h-4 w-4 text-blue-600 focus:ring-blue-500 border-gray-300" %>
🛡️ Challenge - Present CAPTCHA challenge
- <%= radio_button_tag "action", "redirect", false, class: "h-4 w-4 text-blue-600 focus:ring-blue-500 border-gray-300" %>
+ <%= radio_button_tag "policy_action", "redirect", false, class: "h-4 w-4 text-blue-600 focus:ring-blue-500 border-gray-300" %>
🔄 Redirect - Redirect to compliance page
- <%= radio_button_tag "action", "allow", false, class: "h-4 w-4 text-blue-600 focus:ring-blue-500 border-gray-300" %>
+ <%= radio_button_tag "policy_action", "allow", false, class: "h-4 w-4 text-blue-600 focus:ring-blue-500 border-gray-300" %>
✅ Allow - Explicitly allow traffic
@@ -138,14 +163,14 @@