-
Notifications
You must be signed in to change notification settings - Fork 52
Recipe: restricting access by IP address
Snawoot edited this page Jul 13, 2025
·
1 revision
Restriction of access by IP address (or so called "IP-based authorization") can be achieved with a simple JS access script:
const allowedIPs = new Set([
"203.0.113.99",
]);
function ipFromAddrPort(addrPort) {
return addrPort.replace(/\:[^:]+$/, "").replace(/^\[(.*)\]$/, "$1");
}
function access(req, dst, username) {
const ip = ipFromAddrPort(req.remoteAddr);
if (allowedIPs.has(ip)) {
return true;
}
print(`rejecting IP address ${ip} due to IP filter restrictions`);
return false;
}Specify this script file as -js-access-filter command line option or js-access-filter configuration file directive and you're good to go.