feat: Add Arcjet security #187
Open
+333
−84
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@davidmytton is attempting to deploy a commit to the Hayden Bleasel Team on Vercel. A member of the Team first needs to authorize it. |
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds Arcjet to add bot detection and WAF to key endpoints:
apps/web/middleware.tsto block scrapers and other bots, but still allow search engines and preview link generators. This will run on every request by default, except for static assets.apps/app/lib/arcjet.tswhich includes the Arcjet Shield WAF rules. This client is extended in the authenticated route layout inapps/app/app/(authenticated)/layout.tsxwith bot detection to block all bots except preview link generators. This will run just on authenticated routes. Clerk includes bot detection and rate limiting in their login route handlers by default.I've also added a "Security" page to the docs.