Welcome to the Linux Foundation Forum!

10 - Block attacker IP with express

Posts: 17
in LFW212 Class Forum

Refer to express code to get attacker IP, req.socket.remoteAddress === '127.0.0.1'

The code cannot work as the actual value of req.socket.remoteAddress I get is :ffff:127.0.0.1.

I can process it to remove :ffff:. Anyone encounter this issue?

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Comments

  • Posts: 12

    Just for local test, use the result when you request "req.socket.remoteAddress", use this value as a string and that's it.

    in your case you are getting the ipv6 and the ipv4 "ffff:127.0.0.1" , in real world you could receive an array of ips in other ways. but this is just an exercise to evaluate.

  • Posts: 17

    Yes. I process "ffff:127.0.0.1" to remove ":ffff:".

    So you mean I get ":ffff:" because of localhost?
    In real production env, I will get a array of ip without ":ffff:" ?

  • Posts: 270

    yeah exactly - if your system is setup slightly different you may get an ipv4 inside an ipv6 address. It doesn't matter, the principle is the same.

  • Posts: 22

    same issue here and i fixed like this:

    1. app.use(function (req, res, next) {
    2.   const ipList = req.socket.remoteAddress.split(':')
    3.   if (ipList.includes('127.0.0.1')) {
    4.     const err = new Error('Forbidden');
    5.     err.status = 403;
    6.     next(err);
    7.     return;
    8.   }
    9.   next();
    10. });
  • Posts: 160

    @jhonny111s nice

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Quick Links

Categories

Upcoming Training