PulseWeaver hides home server login pages from unknown IPs

is a security tool for people who run their own online services at home. Many login tools let strangers reach the login page first, then decide whether to block them. takes the opposite approach: only known devices can reach the services, and unknown are blocked before the login page appears.

It can follow a trusted device when its IP address changes, so the owner does not have to keep editing an allow-list by hand. The developer says they have about 10 years of professional development experience, made the main design and security choices themselves, and used Claude and other AI help only after the base design was in place. The main security paths, including login decisions, IP matching, and access expiry, have .

The developer also says they tested bypass attempts, IP spoofing edge cases, and , and they currently use on their own services every day.

Key points

  • blocks unknown before they can see a login page.
  • Trusted devices can stay allowed even when their IP address changes.
  • It is meant as a different default from tools like Authelia, authentik, OIDC, and SSO.
  • The developer says key security paths are covered by .
  • For a , it could be an extra front-door security layer, not a replacement for good passwords and updates.
Read original