I am interested in creating an app, hosted by heroku. I am looking for a way to respond to requests only through a specific static IP. Any requests made from any other IP will be ignored / won't be allowed to view content. Is that possible through heroku natively or through any add-ons ? If not, do you have any recommendations about services that allow me to clarify a whitelist of static IPs that can access my app?
Thank you in advance!
You can check the value of the X-Forwarded-For request header, that is a comma separeted list of ip addresses, and the last one is the IP you are searching for, in the best scenario.
I said in the best scenario because there is some security and network/proxies consideration to add, You can read here.
I can anticipate that if you or your ISP are not using any proxy and you are not spoofing your IP from some reason (but in this scenario where you want to recognize the client ip, obviously you are not doing this), you can rely securely on what I told you: you can use the last value of the X-forwarded-for header as the client IP.
