Add the ability to restrict form access to trusted IP
Sean Leas
Add is ability to restrict or log IP in a form so it can be used as a variable to authenticate that the form request originated from a trusted location.
Log In
D
Dan Knutson
Merged in a post:
Meraki crate
Terry Bolton-Williams
to block IPs (and websites) on all firewalls across all companies and locations
D
Dan Knutson
Merged in a post:
Allow additional headers on integrations
Mendy Green
Configuring integrations should allow for custom headers that'll let us pass in API Bypass headers or Cloudflare authentication tokens so we don't have to whitelist by IP and make sure only our configured integration can connect Cloudflare and other WAFs
D
Dan Knutson
Merged in a post:
Webhook Security - Restrict IP
Kevin Landers
Add the ability to limit webhook access by IP address.
Tim Fournet
Hi! These can be done now!
The
X-Forwarded-For
header in CTX.headers
in the workflow will contain the IP address of the requestor. You can compare that against a list of "permitted" IP addresses that you maintain.You can also require a Secret Key in your webhook configuration. It will require the select key to be sent as a header named
x-rewst-secret
Richie Sinnreich
Or some kind of signature verification. IP is useful but sometimes we are running them from an azure function that can have a dynamic IP. the more options we have for security the better.