There really isn't such a thing as "IP spoofing." This SO post discusses the matter: http://stackoverflow.com/questions/12736872/can-someone-spoof-an-ip-address-to-any-number
On Heroku, there is indeed a special consideration for IP address: they do not behave the way normal Rails apps do. Instead, you'll want to examine this: request.headers['X-Forwarded-For'] I recommend this great gem for this task, which also serves a double purpose of fending off DDOS attacks (which every app should have installed) https://github.com/heroku/rack-timeout Using rack-timeout you can set up pretty much any Rack-level restrictions you want, including a restriction for a specific part of the app to be available only to a whitelisted set of IPs > On Dec 6, 2016, at 5:34 AM, Neil Middleton <n...@neilmiddleton.com> wrote: > > This is something you need to do within your app. There's nothing that does > this at the platform level. > Saying that though, IP spoofing is dead easy so I would question the merit of > doing this at all. > > On Tue, 6 Dec 2016, 10:31 Steve Button, <steve.but...@gmail.com > <mailto:steve.but...@gmail.com>> wrote: > Hi, > > Been trying to google for this for a while, and nothing recent + nothing > seems to actually answer the question. > > We have a /admin area within our site, which we would like to restrict to a > certain range of IP addresses (or list of IPs). > > Can this be achieved easily within Heroku? > > Thanks, > > > -- > -- > You received this message because you are subscribed to the Google > Groups "Heroku" group. > > To unsubscribe from this group, send email to > heroku+unsubscr...@googlegroups.com > <mailto:heroku%2bunsubscr...@googlegroups.com> > For more options, visit this group at > http://groups.google.com/group/heroku?hl=en_US?hl=en > <http://groups.google.com/group/heroku?hl=en_US?hl=en> > > --- > You received this message because you are subscribed to the Google Groups > "Heroku Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to heroku+unsubscr...@googlegroups.com > <mailto:heroku+unsubscr...@googlegroups.com>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. > > -- > -- > You received this message because you are subscribed to the Google > Groups "Heroku" group. > > To unsubscribe from this group, send email to > heroku+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/heroku?hl=en_US?hl=en > <http://groups.google.com/group/heroku?hl=en_US?hl=en> > > --- > You received this message because you are subscribed to the Google Groups > "Heroku Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to heroku+unsubscr...@googlegroups.com > <mailto:heroku+unsubscr...@googlegroups.com>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. ---- Jason Fleetwood-Boldt t...@datatravels.com http://www.jasonfleetwoodboldt.com/writing If you'd like to reply by encrypted email you can find my public key on jasonfleetwoodboldt.com <http://jasonfleetwoodboldt.com/> (more about setting GPG: https://gpgtools.org) -- -- You received this message because you are subscribed to the Google Groups "Heroku" group. To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/heroku?hl=en_US?hl=en --- You received this message because you are subscribed to the Google Groups "Heroku Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to heroku+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.