Heroku - prevent scraping

Question

I am looking on my drain log and I see this

327 <158>1 2018-04-17T22:03:27.578702+00:00 heroku router - - at=info method=GET path="/{url}" host={my_host} request_id=11bb9b05-dea3-42c2-b57a-9be6fb9b93d2 fwd="80.6.26.72,141.101.107.25" dyno=web.1 connect=0ms service=1ms status=200 bytes=6265 protocol=http

I am certain that this request doesn't come from a legit user, how is it possible to dig in more and get the remote server IP? I used https://stackoverflow.com/a/6837689/2513428 inside my script to check the ip's but I assume it returned the proxy of herocu servers.

score 1 · Accepted Answer · answered Apr 18 '18 at 08:06

1

Heroku makes the IP making the request available in the fwd log field: https://devcenter.heroku.com/articles/http-routing#heroku-router-log-format

You can also read it within your code by looking at the X-Forwarded-For HTTP header.

So in your case, the IP of the client making this request was 80.6.26.72.

answered Apr 18 '18 at 08:06

Damien MATHIEU

31,924
13
86
94

Thanks for the tip, I thought 10.0~'s would be some kind of load balancers. But as you say they might be the scrappers. I just wonder why there are 2 IP's in the fwd – Kavvson Empcraft Apr 18 '18 at 08:09
141.101.107.25 is cloudflare – Damien MATHIEU Apr 18 '18 at 08:46

Heroku - prevent scraping

1 Answers1