Welcome to the Linux Foundation Forum!

10 - Block attacker IP with express

chesterheng
chesterheng Posts: 17
in LFW212 Class Forum - Discontinued

Refer to express code to get attacker IP, req.socket.remoteAddress === '127.0.0.1'

The code cannot work as the actual value of req.socket.remoteAddress I get is :ffff:127.0.0.1.

I can process it to remove :ffff:. Anyone encounter this issue?

Comments

  • canelacho
    canelacho Posts: 12

    Just for local test, use the result when you request "req.socket.remoteAddress", use this value as a string and that's it.

    in your case you are getting the ipv6 and the ipv4 "ffff:127.0.0.1" , in real world you could receive an array of ips in other ways. but this is just an exercise to evaluate.

  • chesterheng
    chesterheng Posts: 17

    Yes. I process "ffff:127.0.0.1" to remove ":ffff:".

    So you mean I get ":ffff:" because of localhost?
    In real production env, I will get a array of ip without ":ffff:" ?

  • davidmarkclements
    davidmarkclements Posts: 270

    yeah exactly - if your system is setup slightly different you may get an ipv4 inside an ipv6 address. It doesn't matter, the principle is the same.

  • jhonny111s
    jhonny111s Posts: 22

    same issue here and i fixed like this:

    app.use(function (req, res, next) {
  const ipList = req.socket.remoteAddress.split(':')
  if (ipList.includes('127.0.0.1')) {
    const err = new Error('Forbidden');
    err.status = 403;
    next(err);
    return;
  }
  next();
});
  • xdxmxc
    xdxmxc Posts: 160

    @jhonny111s nice

Categories

Upcoming Training