Hello, we have a database with the range IPS for our country.
We only want to allow connections from ips in those ranges.
Also, we have blacklisted IPS that tried all the time to connect illegally to our server.
Where do I get the IP for the client that is trying to consume a method before run the method?
and after checking that in our database, if it is not whitelisted, how to disconnect the client before the method is called.
Thanks for your advice.
Hi Jorge,
What ever platform is this, Delphi or .NET?
FWIW, I think this is a bad idea and will invariably not go well and stop legitimate users from accessing your server, and not keeping all ones that should not access it out. Obviously, I don’t know the background and reasons for why you want or need to implement this check, but consider your users might be traveling abroad, using a VPN while being in the correct country, or merely on a new ISP you haven’t whitelisted yet, for example.
It is delphi.
We give financial services, our clients are only allow to access our software in the offices that are register to give the service to our final customers (like a franchise), they don’t allow to move their desktop equipment to other location or copy the app to other equipment, and the condition is that they access from public IPs. (Not dynamic). We had several incidents where the equipment is move to another location, or get robbed, o somebody try to copy the software to another machine and access to other location. We are a money remittance service with many agents. This can make clear our necessity.
Thanks for the advice.
Hi Jorge,
Okay, I understand. in this case, restrictions like that can make sense, yes.
Okay, thank you. My college Eugene should be able to help you with this, tomorrow.
yours,
marc
Hi,
Check Receiving information about client on server-side snippet.
just raise an exception in this event if wrong IP is detected
I will try and let you know the results.
Thanks for the advice.
Hola Jorge!
Another option, and maybe somewhat more maintenance-friendly, would be to use a firewall before your server to block the IPs? That’s what I have seen recommended generally for this cases, and it makes sense to have something specifically made to work as a gateway between the outside world and your services, instead of trying to implement that kind of layer inside your own app.
Mind you, you can certainly have both.
You can use directly the Windows Firewall, specially if you only want access from specific IPs, or some other firewall software, pfSense is one I’ve seen mentioned regularly, but I am sure there will be a lot of options.
Regards
Hola Rodrigo,
You are right, that is other possibility, the thing is that for the operators, is very friendly to have de permitted IPS on a database, and not to access the firewall.
But is a good solution so.
Thanks for the advice.
muchos saludos y gracias!
works perfect.
thanks!!!