Back to Community feed

IP Filter Module: IP Adress Filtering

IP Filter Middleware


Middleware IP Filter extends the endpoint settings in your application. With it, you can set access to endpoints only from specific IP addresses or prohibit it for certain IPs.

This will increase the security level of your application and be able to better control the processes occurring in it.



Configuring IP Access


In Appmaster Studio, go to the Endpoints tab and find the endpoint for which you want to configure access.


1.Click on the gear icon next to its name.



2.Go to the Middleware tab (1), find IP Filter in the list, and open its settings (2).



3.In the Mode field, select one of the options:


a. Allow all, except - access to the endpoint will be allowed from all IP addresses except the specified ones.

b. Forbidden all, except - access to the endpoint will be allowed only from the specified IP addresses.



4.In the IP list field, enter an address or a list of addresses separated by commas.



Thus, configure all the endpoints to which you want to restrict access.



Examples 


Here are some examples of using IP Filter.


Example 1: Access only from specified IPs


Let's imagine that your application provides an API for communicating within a specific network. Most likely, in this case, you do not need authorization (so as not to complicate access to the API), but at the same time, you need to restrict the list of IP addresses (allow strictly defined services to access your application). Use the "Forbidden all, except" mode.


Example 2: Restricting Access from Specified IPs


Let's imagine that you need to restrict access to your application for attackers who send spam, try to guess passwords, or carry out DDoS attacks. Information about their IP addresses will be displayed in the logs. Add these IP addresses to the list of prohibited endpoints for enabled endpoints by setting the "Allow all, except" mode in the IP Filter settings. For example, if there are many unsuccessful authorization requests from a specific IP, most likely someone is trying to guess the password. Deny him authorization by setting access restrictions to the POST/auth endpoint (Auth group).




Learn more about what endpoints are and how to use them in our documentation.


For more how-tos and helpful materials, visit the AppMaster.io blog.


Subscribe to the AppMaster.io telegram channel and join our community chat - here you can find out the latest platform news and communicate directly with our developers.

AppMaster.io
Articles — No-code
ActiveCampaign
Sponsored
ActiveCampaign is a marketing and sales automation platform that helps growing businesses meaningfully connect and engage with their customers. Its SaaS platform enables businesses to create optimized customer experiences by automating many behind the scenes processes and communicating with their customers across channels with personalized messages.

Similar articles

Mobile app monetization: 2021

The mobile application market is growing, and the competition for users is getting higher. According to statistics, 20% of projects are not profitable at all. What to do? Think over your monetization strategy at the development stage! Let's talk about current ways to monetize a mobile app in 2021.

Appmaster Platform

How AppMaster.io Data Models Work

Any application is a system for processing data (information presented in the form of a program code). While interacting with the application, you "show" the data and how it is supposed to work with it.

Appmaster Platform

Business logic in no-code: what it is and how to build it

The business logic of an application is a description of the schemes by which the application interacts with the user. When a user subscribes, or fills out an order form, or simply logs in, all these actions are processed “under the hood” of the application in a specific order.

Appmaster Platform