Welcome to the Linux Foundation Forum!

Block an Attackers' IP Address with Express: does not work

At least on my machine it does not work i mean.

if i console.log(req.socket.remoteAddress) it return that: ::ffff:127.0.0.1

Actually i can find the same info with the much simpler console.log(req.ip), but maybe behind the scene it s not as efficient as the previous one, i don t know...

so to bloc the localhost ip i used this solution

  1. app.use((req, res, next) => {
  2. const sp = req.ip.split(':')
  3. if(sp[sp.length -1] === '127.0.0.1'){
  4. const err = new Error('Forbidden')
  5. etc .............................................
  6.  

That works.

Comments

  • This is a good point, due to ipv6 local ip address may differ per machine and machine setup. I'll address this in the next update

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Categories

Upcoming Training