You could have a look at the "Catch HTTP Errors" section in our documentation.

[1] https://docs.basex.org/wiki/RESTXQ#Error_Handling

On Mon, Jan 18, 2021 at 1:30 PM Adam Law <adamjameslaw@gmail.com> wrote:
>
> Another thought - a 'catch all' path for fail2ban to catch attempted accessess to undefined paths.
> I haven't tested this to see if there is such a thing in BaseX
> https://stackoverflow.com/questions/50282541/catch-all-url-in-golang
>
> On Mon, Jan 18, 2021 at 5:26 PM Christian Grün <christian.gruen@gmail.com> wrote:
>>
>> Hi Adam,
>>
>> You could have a loot at our Permissions layer [1]. It can be used for
>> all kinds of checks, not only those specific to authentication. I
>> think we should generalize the concept in a future version of BaseX
>> and introduce additional post-hooks.
>>
>> Hope this helps?
>> Christian
>>
>> [1] https://docs.basex.org/wiki/Permissions
>>
>>
>>
>> On Mon, Jan 18, 2021 at 3:19 AM Adam Law <adamjameslaw@gmail.com> wrote:
>> >
>> > Golang has great middleware functionality for endpoints that allows a person to readily secure all of them.  I was wondering there would be anyway doing similar in BaseX for restxq & websockets.  For example by requiring all requests to have a particular query parameter (very basic example). ... to protect say against browser / javascript port scanning.
>> >
>> > Eg https://stackoverflow.com/questions/26204485/gorilla-mux-custom-middleware and check that request contains a particular parameter (very basic security)
>> >
>> > It seems that I have to secure each endpoint individually.
>> >
>> > Adam