0

I've got some REST API's working with FastAPI and Hypercorn.

Now I'm configuring hypercorn with logging, https, etc... but I'm having some trouble with the server_names option.

Trying to make it so that only my computer can get the results from the API and everything else gets 404 but with no success.

This is what I've tried

server_names = ["192.168.1.1"]
server_names = ["MyMachineName"]

I'm working on company network and there's no network restrictions.

The requests all go through a proxy mypc -> proxy -> api

Without the server_names line in the config file I get results when calling the API.

Any help would be appreciated!

TY

Carlos
  • 21
  • 4
  • 1
    You're using `server_names` wrong according to the documentation: "Hypercorn can be configured to only respond to requests that have a **recognised host header** value by adding the recognised hosts to the `server_names` configuration variable.". Those names you configured are effectively configuring VHosts so for the second line you'd have to set a `Host: MyMachineName` header in your request. Which is not what you want however. – SitiSchu Sep 15 '22 at 11:39
  • @SitiSchu So the configuration file (with the MyMachineName) is correct but to use the server_names config I'd have to add a **Host** key to the Header of the request. Is this right? I can do this (the API is called from a controlled environment) but for other cases (like a public API) what would be the correct way? TY! – Carlos Sep 15 '22 at 13:52
  • Not quite. The `server_names` config option doesn't do what you want to do. You will probably have to add the IP whitelist in your own code. – SitiSchu Sep 15 '22 at 14:08
  • If you want to understand what the `server_names` option does you can read this wiki article on [Virtual Hosting](https://en.wikipedia.org/wiki/Virtual_hosting). You will see it that it serves a completely different purpose. – SitiSchu Sep 15 '22 at 14:09
  • 1
    Thanks for the help @SitiSchu . I've gone with a IP whitelist. Now I understand the server_names config option – Carlos Sep 19 '22 at 16:39

0 Answers0