Feature Request - CLI to block an IP address

[mpchadwick]

Use case: Often times when we need to block an IP the system is under such high load that it's impossible to follow these steps to block a bad acting IP address via the Magento Admin panel (admin panel is unreachable / unusable due to high load). In these cases it would be useful to have a CLI that can be used to block a bad acting IP.

E.g.

php bin/magento fastly:block <ip-to-block>

As the "Blocking" feature may potentially be in "Allowlist" state it's probably better if this CLI would implement the block via an Edge ACL + Custom VCL Snippet

[Leland]

Hi Fastly! Any chance of getting this implemented?

[smaeda-ks]

If under such a situation, you may don't have access to the server (SSH) either due to overload. That said, having additional Magento commands doesn't seem to be the right solution here.

Generally speaking, you should utilize our public API.

We have a Postman collection: https://developer.fastly.com/reference/api/#postman-collection and also, our official Fastly CLI that supports multiple platforms: https://developer.fastly.com/reference/cli/

You can manipulate your Edge ACLs using those tools.

[beechyrb]

If under such a situation, you may don't have access to the server (SSH) either due to overload. That said, having additional Magento commands doesn't seem to be the right solution here.

Generally speaking, you should utilize our public API.

We have a Postman collection: https://developer.fastly.com/reference/api/#postman-collection and also, our official Fastly CLI that supports multiple platforms: https://developer.fastly.com/reference/cli/

You can manipulate your Edge ACLs using those tools.

True and we have done that for sure but in all cases where we had a bad actor we still had SSH access to the server and it would have been way quicker to do it with a CLI command. I can understand though if you don't want to do it since there are other methods.