REST API - Restrict incoming calls to specific IPs

0
Hi

We have an On-Prem application in which our Mendix application communicates with another application using a series of REST calls. We have currently proven that all of our connections work across both application Dev environments, but we are looking for a way to ensure that Dev can only accept communications from Dev before moving into acceptance testing.

We then need to use this to ensure that Acceptance can only accept communication with Acceptance and, most importantly, Production can only accept communication from Production.

The IP addresses are different for each environment, both in Mendix and the other application. We have Basic Auth set up (username/password) but would like to restrict further in Mendix. Our fear is that someone could accidentally send information to Mendix Production from the other application's Dev / Accp.

Is there a way to check the IP address of incoming REST calls (we are using POST) and send back an error if the address is not correct?

Thanks
Grant
asked
2 answers
1

Hi Grant, you could add a server certificate restriction on the /rest/ path. Only with a valid client certificate (on the client's side) should it be possible to send a request to the path. More info about certificates can be found here.

Hope this points to improved security.

answered
0

Hi Grant. Blocking specific IP addresses or ranges of IP addresses is typically something you would set up in your firewall, not on an application level in Mendix.

answered
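
The per-environment source-address check the question asks about, as an added example that is not from either answer or from Mendix: it shows the decision logic (allow, or return an error status) wherever it is enforced, and why a forwarded-for header must only be read when the TCP peer is a known proxy. The addresses, the proxy at 10.0.0.5, and the function names are constructed assumptions.

```python
import ipaddress

# Constructed values (documentation address ranges), not from the thread.
ALLOWED_PEERS = {
    "dev":        ["192.0.2.10/32"],
    "acceptance": ["198.51.100.20/32"],
    "production": ["203.0.113.0/28"],
}
# Reverse proxies whose X-Forwarded-For header is trusted (assumed topology).
TRUSTED_PROXIES = ["10.0.0.5/32"]


def _in_any(ip, cidrs):
    return any(ip in ipaddress.ip_network(c) for c in cidrs)


def client_ip(peer_addr, x_forwarded_for=None):
    """Return the address to authorize.

    The TCP peer is authoritative unless it is a trusted proxy; only then is
    X-Forwarded-For read, walking right to left past trusted hops so a value
    the caller placed on the left of the header cannot win.
    """
    peer = ipaddress.ip_address(peer_addr)
    if not x_forwarded_for or not _in_any(peer, TRUSTED_PROXIES):
        return peer
    for hop in reversed([h.strip() for h in x_forwarded_for.split(",")]):
        ip = ipaddress.ip_address(hop)  # ValueError on a malformed hop
        if not _in_any(ip, TRUSTED_PROXIES):
            return ip
    return peer


def authorize(environment, peer_addr, x_forwarded_for=None):
    """Return (http_status, reason) for an incoming POST."""
    try:
        ip = client_ip(peer_addr, x_forwarded_for)
    except ValueError:
        return 400, "malformed address"
    if _in_any(ip, ALLOWED_PEERS[environment]):
        return 200, "allowed"
    return 403, f"{ip} is not an allowed peer for {environment}"
```

The same allowlist per environment can be expressed as firewall or reverse-proxy rules; the right-to-left header handling matters only when the check runs behind a proxy.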