https-portal icon indicating copy to clipboard operation
https-portal copied to clipboard
verified publisher icon SteveLTN

IP Country Block

Open Yuri-Lima opened this issue 2 years ago • 3 comments

Is there any easy way with this lib to allow only specific country to access? If you have any good ideia how todo it with this Lib, please let me.

Maybe it could be a new feature if it does not have yet.

Thank You

Yuri-Lima avatar Nov 07 '23 09:11 Yuri-Lima

Hi,

No, this is not supported by HTTPS-PORTAL.

While you can use Nginx custom config to do that, I do believe this should best be done at the application layer, given that you probably need a pretty complex library to figure out where the user actually is based on their IP address.

SteveLTN avatar Nov 26 '23 03:11 SteveLTN

When you say application layer, what you mean?

At the moment I'm have nestjs as my back end and Angular in front end.

Do you think would be better to apply it as a custom Ngnix?

Btw, thank your reply.👍

Yuri-Lima avatar Dec 01 '23 17:12 Yuri-Lima

@Yuri-Lima

Hi If I can be of help. For your reference...

I used cron and dynamic-env to address this issue. By specifying the environment variable "ACCESS_RESTRICTION," you can designate the IP addresses allowed to connect. Dynamic-env allows you to change environment variables by updating a file.

[Steps]

  1. Obtain the list of IP addresses from specific countries from your ISP or other sources (regularly with cron)
  2. Write them into ACCESS_RESTRICTION

However, note that ACCESS_RESTRICTION ultimately involves passing data through an environment variable. If the list exceeds the maximum length restricted by the kernel for environment variables, it will be truncated in the middle, so please be cautious (I experienced this issue myself).

[See] https://github.com/SteveLTN/https-portal?tab=readme-ov-file#access-restriction https://github.com/SteveLTN/https-portal?tab=readme-ov-file#change-configuration-dynamically

yamada28go avatar Jul 28 '24 08:07 yamada28go