I want to set up a IP whitelisting system to protect my web server.
There is 3 Layers I can secure: (Internet =>) Firewall => Nginx Reverse Proxy => Node.js Server
In terms of practicality, I'm securing my Node.js server, because I can dynamically Allow/Deny IPs in a Real-Time Firebase Table I edit via a custom web interface. But It doesn't prevent DDoS cleanly because Even though I will return an error to unauthorized IPs, my node server would handle the load directly which is not good...
I would prefer to protect my server in a upper level, like Nginx or Firewall. However, the IP lists are files on the server, and it seems complicated to implement a solution as comfortable as the one I use now.
What do you suggest, and what do you think of my current solution ?
Thanks !
via Elie Zgala
No comments:
Post a Comment