In this example, we'll show you how you can implement a simple but effective IP firewall using Serverless Scripting.
Create Script
Route: *
Note: this will apply the firewall to your entire site. If you want to lock down a specific part of your site you can change the route to be more specific.
Script contents:
addEventListener('fetch', event => {
event.respondWith(fetchAndApply(event.request))
})
async function fetchAndApply(request) {
//Create an Array of IP's to block
var blacklist = ["192.168.1.1", "192.168.1.2"];
//Check if IP is blacklisted by getting the client IP from the x-sp-client-ip header
if (blacklist.includes(request.headers.get('x-sp-client-ip'))) {
return new Response('Sorry, this page is not available.',
{ status: 403, statusText: 'Forbidden' })
}
return fetch(request)
}Accessing your Script
Once the above has been created, you can access your script using any of the delivery domains on your account. In my example, I can access this script with https://sitehash.stackpathcdn.com/hello-world