The "port knocking" has surfaced often since the early 2000s, but it continues to be a rather silly exercise in making security-by-obscurity look more complicated while not really helping all that much.
Briefly looking at the diagram at the top of the repo, it looks like you "knock" with an API key. Why not just run a reverse proxy in front of (whatever service you're trying to protect) and use the API keys there? To harden further, do some sort of real authentication (PKI, client certs). If you want your logs to look cleaner, install and actually configure fail2ban.
replies(1):