@parellifoundation100 yes, this is possible. Pipedream doesn’t operate a user-configurable firewall that would allow you to block this traffic completely, but we can prevent these HTTP requests from being emitted from the event source (which means they wouldn’t show up in your list of events, or via API).
Above the list of events in your event source, you’ll see a Configuration tab. Click that, then replace the code you see there with this:
const http_app = require('../../http.app.js')
const { isInSubnet } = require('is-in-subnet');
// Core HTTP component
// Returns a 200 OK response, emits the HTTP payload as an event
module.exports = {
key: "http-new-requests-payload-only",
name: "New Requests (Payload Only)",
description: "Get a URL and emit the HTTP body as an event on every request",
version: "0.0.2",
props: {
http: {
type: "$.interface.http",
customResponse: true,
},
http_app,
},
async run(event) {
const ip = event.headers['x-forwarded-for']
if (!isInSubnet(ip, ["185.107.232.0/24"])) {
console.log(`IP ${ip} not allowed`)
return
}
const { body } = event;
this.http.respond({
status: 200,
body
});
// Emit the HTTP payload
this.$emit({ body });
}
};
This is the relevant part of the code:
const ip = event.headers['x-forwarded-for']
if (!isInSubnet(ip, ["185.107.232.0/24"])) {
console.log(`IP ${ip} not allowed`)
return
}
event.headers['x-forwarded-for'] contains the client IP address of the incoming request. We ask: “is that address in the 185.107.232.0/24 subnet?” (defines the range you noted above). If it is, we move on and emit the event. Otherwise, we log the IP address and return; in this case, we do not emit the event, so again, it won’t appear in your event data.
Let me know if that helps!