Is it feasible to make access from particular environments, such as countries, operating systems, and browsers denied in Node.js and Express? I'm now constructing a web service, but must implement such filters before launching it for some reasons.
I use Node.js v0.10, Express v3.x, and would deploy on heroku. So here's my question:
Is it feasible to implement such filters in my deploy environment, and if it is, how can I do?
Is it feasible to implement such filters only on some specific services, such as comment sections?
I also wonder how secure and robust it can be to have access from those countries denied successfully.
(This is not a heroku question, and in my humble opinion not a node nor javascript question well. This is more likely an http and/or tcp question).
You can filter by these, but beware: it is not secure at all.
req.ip
) which is later converted to a location (with some ip/geo service, eg MaxMind). req.headers['user-agent']
. Note that in order to avoid filtering by country, the user can simply access your web server using a proxy in an allowed country. Also, since user-agent is a string the client sends, they can send whatever they want and fake any browser/os.
It really depends on how strict your "filtering security" requirements are.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.