apisix icon indicating copy to clipboard operation
apisix copied to clipboard

Published 20 hours ago verified publisher icon apache

feat: ip-restriction shoud strict the real_ip

Open qihaiyan opened this issue 1 year ago • 7 comments

Description

The ip-restriction Plugin now restricting access with remote_addr, not suitable for where there's a proxy standing between the client and apisix. Using http_x_real_ip is considerable.

qihaiyan avatar Mar 21 '24 05:03 qihaiyan

You can use ip-restriction with real-ip, e.g. https://docs.api7.ai/hub/ip-restriction#restrict-access-using-modified-ip

kayx23 avatar Mar 21 '24 09:03 kayx23

I enabled the apisix ip-restriction plugin and I whitelisted my ip address but still cant access my end point when I disable I can access the end point please any idea on how to get this solved @kayx23 can you help please

Eunice2000 avatar Mar 21 '24 14:03 Eunice2000

@Eunice2000 please share reproducible steps.

kayx23 avatar Mar 21 '24 20:03 kayx23

@kayx23

for ip-restriction the expected behavior is when i whitelist my device ip, i should be able to have access. However at the moment, when i whitelist a devices network ip, they still dont have access? Any guidance?

This is an sample image of how i am getting my IP image

And this is a sample on how i am whitelisting Screenshot 2024-03-25 at 12 20 10

NellyNakhero avatar Mar 25 '24 09:03 NellyNakhero

@NellyNakhero the given ip address on the screenshot might not be the same as seen by APISIX.

please remove the ip-restriction plugin and then log your ip address using logger plugins. Then use that ip address under ip-restriction. This should work for you.

shreemaan-abhishek avatar Mar 30 '24 06:03 shreemaan-abhishek

Any more issue here to address?

kayx23 avatar Jun 06 '24 04:06 kayx23

@shreemaan-abhishek you mean i should add the ip address i want to whitelist under this ? image

Eunice2000 avatar Jun 06 '24 08:06 Eunice2000