Menu
Is there a way to implement IP filtering or IP access rules much like I would with nginx/apache to restrict or block certain IPs on Heroku?
Note: I know this can be done from within my application (Rails 3.2) very easily but I don't think this is the most efficient use of my resources on Heroku. Also, a Rack based solution would be better than implementing the filtering in Rails.
671
From the Block/Allow IPs page of your Expedited WAF dashboard, add each IP or CIDR-notated IP range that you want to block: All requests from that IP/range will be stopped at the WAF and will not reach your Heroku application.
QuotaGuard Static IP's routes your Heroku traffic through a pair of static IP addresses that never change. It should be used if you need your traffic to pass through a known static IP address for the purpose of firewall ingress rules or application allowlisting with a third party.
You should check out rack-attack. Looks like it does the same as rack-block, but is much more widely used and updated frequently. To block a specific IP you can do this:
# Block requests from 1.2.3.4 Rack::Attack.blacklist('block 1.2.3.4') do |req| # Requests are blocked if the return value is truthy '1.2.3.4' == req.ip end I added 'rack-block' as Rack middleware. In config/initializers, add a new file:
YourApp::Application.configure do config.middleware.insert_before(Rack::Lock, Rack::Block) do # Add your rules with the rack-block syntax in here end end Works like a charm.
35
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
