This is a two part question. I'm needing to restrict a rails site that I'm throwing on development server to only a few IP addresses, so the public can't access it. (Basic HTTP auth doesn't 'entirely' work as the auth breaks a Flash uploader in the project.)
Based on what I've Googled, this is what I've come up with in my routes file...
class WhitelistConstraint
def initialize
@ips = '127.0.0.1'
end
def matches?(request)
@ips.include?(request.remote_ip)
end
end
MyProject::Application.routes.draw do
constraints WhitelistConstraint.new do
# all my routing stuff here
end
end
Works pretty good. However, I need to modify this in order to work with several IP addresses. I tried using a array on @ips, as well as looping through an each loop, but neither worked.
On top of that, the second part of my question...I may need to check only against a segment of the IP, like '127.0.0'. How would I do that?
For example, to whitelist an IP address (to create IP whitelist), you first need to determine which devices or users are allowed access. Once you have a list of approved IP addresses, web applications, or users, you can add them to your whitelist using the network settings on your computer, router or firewall.
Outbound IP Whitelisting allows your org's users to connect to the BrowserStack domain ( browserstack.com ) through any corporate firewalls or proxy setups. This option is most frequently used when the security settings of organizations prevent connections from their internal computers to external endpoints.
IP whitelisting provides an easy and secure way to access private network resources. Below are the benefits of using a whitelist IP address: Improved Cloud Security.
Whitelisting IP addresses essentially means adding specific IP addresses that will be allowed to access DataForSEO API using your account. If you whitelist certain IPs, any IP that's not whitelisted will not be able to make API requests with your account's credentials.
what about using NetAddr::CIDR?
and something like this?
class WhitelistConstraint
def initialize
@ips = []
@ips << NetAddr::CIDR.create('127.0.0.0/8')
@ips << NetAddr::CIDR.create('192.168.0.0/16')
end
def matches?(request)
valid = @ips.select {|cidr| cidr.contains?(request.remote_ip) }
!valid.empty?
end
end
MyProject::Application.routes.draw do
constraints WhitelistConstraint.new do
# all my routing stuff here
end
end
This way you can specify the blocks of IPs that should be whitelisted, and not have to worry about the partial matches?
>> require 'netaddr'
=> true
>> @ips = []
=> []
>> @ips << NetAddr::CIDR.create('127.0.0.0/8')
=> [127.0.0.08]
>> @ips << NetAddr::CIDR.create('192.168.0.0/16')
=> [127.0.0.08, 192.168.0.016]
>> @ips.select { |c| c.contains? '192.168.10.1' }
=> [192.168.0.016]
>> @ips.select { |c| c.contains? '192.169.10.1' }
=> []
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With