Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Varnish>
  3. Misc
Request restriction based on IP and url parameter
anjali.maurya01 at indiamart
Oct 5, 2023, 12:53 AM
Post #1 of 2 (123 views)
Permalink
Hi team,
We are trying to restrict unauthorized requests at varnish based on a
parameter and IP associated with the parameter. The parameter value is
present in the URL and the IP is present in the header. So, we want to know
if it is possible to implement this restriction based on parameter value
and associated IP.
We have different values and associated IPs.

For example:
URL: hostname:port/path?source=mobile&keyword= bags
There are 3 IPs associated with mobile source.
mobile: IP1, IP2, IP3

So if any request comes with mobile and IP4, that is an unauthorized
request and should be blocked at varnish.

Can we do this at varnish?

If yes, then which approach will be more appropriate handling this at the
varnish level or handling it using Java code at the API level?
Re: Request restriction based on IP and url parameter [ In reply to ]
guillaume.quintard at gmail
Oct 5, 2023, 4:42 AM
Post #2 of 2 (122 views)
Permalink
Hi!

It's completely possible, easy and recommended to do that at the
varnish level (at least it you want to cache that content)

How many ips are you actually allowing, are the actual ips or CIDR blocks?

Cheers,

It's definitely something I
On Thu, Oct 5, 2023, 09:55 Anjali Maurya <anjali.maurya01@indiamart.com>
wrote:

> Hi team,
> We are trying to restrict unauthorized requests at varnish based on a
> parameter and IP associated with the parameter. The parameter value is
> present in the URL and the IP is present in the header. So, we want to know
> if it is possible to implement this restriction based on parameter value
> and associated IP.
> We have different values and associated IPs.
>
> For example:
> URL: hostname:port/path?source=mobile&keyword= bags
> There are 3 IPs associated with mobile source.
> mobile: IP1, IP2, IP3
>
> So if any request comes with mobile and IP4, that is an unauthorized
> request and should be blocked at varnish.
>
> Can we do this at varnish?
>
> If yes, then which approach will be more appropriate handling this at the
> varnish level or handling it using Java code at the API level?
> _______________________________________________
> varnish-misc mailing list
> varnish-misc@varnish-cache.org
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal