For a web service node, is it possible to limit inbound requests to specific IP addresses? I tried adding code to reject requests based on the incoming IP address (e.g. “if (req.IP != ‘18.104.22.168’) return false;”), but it seems to be using some sort of internal address (“10.207.xx.xx”) per request. I’m assuming this is a load balancer doing its job.
I’m open to other ideas. The end goal is to limit the app’s usage to a specific network.
Since the requests are proxied, I don’t think you would be able to key off of the request IP. Can you instead try using the
X-Forwarded-For request header?
This worked out pretty well. Your suggestion led me to some ExpressJS documentation about using that header. Ultimately all I had to do was add one line of code, which told ExpressJS to read the IP from that header instead.
app.set('trust proxy', true);
Here’s the documentation page for anyone else running into this scenario:
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.