I’ve banned all known Tors at server level using iptables. Or you can use Nginx itself too, or some another reverse proxy.
Using any of those front of Discourse is really trivial task. But Docker is the buggest questionmark because it bypasses UFW/iptables of VPS in way I can’t understand because I’m just climbing up that learning curve (in my books that is the biggest security concern and less spoken)
Here is something about firewall question:
Of course someone can make a plugin that stops an IP. I don’t know much but I can’t understand why it would be difficult — even WordPress can do it.
But there is too issues as I see those:
- an app starts do tasks that should do at server
- an app is always late and even it stops something hammering of server has already happened