mr.coder
Reputation: 59
Rails 5: Preventing access to /admin pages based on IP address
I have been building a rails 5.2 app, and so far I want to separate or restrict access to /admin pages to only be accessible through office computers (local ips).
How can I achieve that, knowing I used activeadmin and petergate for authorization?
Upvotes: 2
Views: 151
Answers (1)
NM Pennypacker
Reputation: 6942
You can create a before_action like this:
class ApplicationController < ActionController::Base
before_action :filter_ip_address
protected
def filter_ip_address
current_ip_address = request.env['HTTP_X_REAL_IP']
head :unauthorized unless current_ip_address == "XX.XX.XX.XX"
end
end
The example given is for application_controller, but you can put it wherever you need if you don't want to call it everywhere.
This is a modified version of the example I found here: https://coderwall.com/p/v980ha/restrict-ip-access-in-rails
Upvotes: 4
Related Questions
- How can I restrict access ActiveAdmin login page by ip?
- rails redirect base on ip address
- Rails Devise restrict IP address access for admin users
- Restricting Access to Rails App based on IP-Address
- Restrict access to app by ip address OR via password (rails app)
- How do you block specific IP adress in Ruby on Rails
- IP Address Filtering
- How can you add IP restrictions to your rails app?
- Rails - Block all but certain IP address
- How can I prevent access by a certain IP in Rails?