I have a blog created on django and I need to configure the access using iptables. I do not have any idea how to do it, anybody can indicate some material? I was thinking about creating a function where it is possible to pass a range of ip numbers that are allowed to access, but I don't exactly where to do that in django.
Asked
Active
Viewed 53 times
-1
-
What is the use of IPtables in that scenario? – Mohamed ElKalioby Jun 09 '21 at 14:07
-
@MohamedElKalioby The app I'm creating will work on a private server, it won't be open to the public. So the idea is that only specific ips can access it. – Fabian Jun 09 '21 at 14:10
-
You can simply check the request headers if it matches certain ips. – oluwakayode Jun 09 '21 at 14:13
1 Answers
0
Then the best way is to create a middleware for that, it checks if the IP is in good range,
def checkIP(get_response):
def middleware(request):
x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
if x_forwarded_for:
ip = x_forwarded_for.split(',')[0]
else:
ip = request.META.get('REMOTE_ADDR')
if not ip in settings.GOOD_IPS:
return HttpResponseForbidden("You are not allowed here")
response = get_response(request)
return response
return middleware
But generally, this is NOT a recommended behavior as IPs can change and the user could try to access from another terminal
Mohamed ElKalioby
- 1,908
- 1
- 12
- 13
-
-
Surely it can be done, but middleware can give you more flexibility as checking the user as a superuser can access from anywhere, this can't be done by iptables – Mohamed ElKalioby Jun 09 '21 at 14:28
-
Thank you! I really appreciate your suggestion and it solve my problem. – Fabian Jun 09 '21 at 14:34
-