IP white lists are, as you have found out, essentially dead. You should just do proper authorization.
Alternatively, look into a wire guard vpn or something like tailscale.
A community for everything relating to the linux operating system
Also check out [email protected]
Original icon base courtesy of [email protected] and The GIMP
IP white lists are, as you have found out, essentially dead. You should just do proper authorization.
Alternatively, look into a wire guard vpn or something like tailscale.
wym look into a vpn? How would that work?
There's no tidy way to do it. You can configure a dynamicDNS from the dynamic IP, then set up a cron from the server to check that record every hour or so. Update the whitelist accordingly.
The other way to do it is to have an intermediate jump point and whitelist that.
Both have their drawbacks. I'd personally go the dyndns route. But I'd be sure a had a static IP I could ssh from as a fallback in case I had problems. You don't want to lock yourself out.
If you want this service to only be available privately, it would probably make sense to stuff it behind a VPN like wireguard, instead of making it open to the public and only accessible by specific ips.
wym look into a vpn? How would that work?
Ah! People think of VPNs a bit narrowly now because of all of the commercial VPN companies, but VPNs can really be what they say on the tin "virtual private networks". Basically you set aside a private IP range for your network and you can tunnel traffic between devices as though they're all on one big LAN. This is often used to access internal resources remotely, and the VPN is used to authenticate your access to various servers. So, for example I can access my home servers to clone git repos or whatever from a wireguard VPN, but those servers are otherwise not exposed on the broader internet.
I think I'm confused about your use case, though. You're using somebody else's sync servers, but you can have an IP blocklist on them? What do you mean your app connects to the sync server? What devices is the app running on? Is it just your personal devices, or is it an app that other people would use? I think some more details might help people get you to the right solution. Would be good to know why you want an IP blocklist, what this is for specifically, where the blackllist is, and what you actually have access to changing!
Could you explain what the app is?
You could maybe find the company's IP range and whitelist that, or just whitelist the port it's using.
But as you've seen from the replies, the information you've given is very vague.