Hello,
I wish to do the following :
1. Any visitor attempts an invalid login attempt and the upstream responds with a 403, LUA should block this IP for 24 hours (or configurable number of hours) at the particular location after 10 (or configurable number of) attempts
- Managed to achieve this using :
access_by_lua_file {
---- redis recording, incrementing a counter over host:IP as key, ngx.exit(403) after 10 invalid attempts
}
2. Read a particular string value from the response body html ( ngx.arg[1] ) and send a 403 back to the client if the custom string found in ngx.arg[1] (Suppose the html has a string "Invalid username/password")
- Problem here is the API context for ngx. redirect/exit
Could anyone please suggest a way to achieve this?
Thanks!