varnish-apikey

Api management, throttling, security, monitoring and caching using Varnish http-accerator and Redis key-value store

The purpose of this project is easy apikey management so everybody can quickly expose and secure their api. We also implemented throttling and token authorization so one can be safe about how apis are used. The important goal is to be high performance

Please contribute any fixes and improvements so all community can benefit.

Features

  • monitor api usage trough apikey
  • dynamically add and remove apikeys
  • use regex in varnish configuration for api syntax
  • referer and token authorisation
  • throttling based on counting requests in defined time range
  • automatic blocking of offending apikeys
  • power of varnish configuration language for other customisations
  • redis nosql database for consistent configuration within the cluster
  • very high performance
  • TODO apikey management portal with self-provisioning

Manual

  • Installation
  • How to configure your own Varnish vcl scripts
  • UsageManual of admin interface
  • Requirements
  • DatabaseStructure description if you want to play with the internals
  • WishList for ideas of improvements
  • QuestionsAndAnswers
  • Security explanation

and more you can find on wiki

Project Information

The project was created on Feb 19, 2012.

Labels:
api key apikey management mashery apigee varnish redis 3scale security throttling authorization token rate limit