Flask App Keep Getting Called From 192.168.0.x

I'm not sure if this is the right place to ask, but i noticed that my app is getting call from 192.168.0.x. i suspect this causing my memory usage keep climbing up.

this is a new site, i don't think anyone know about it yet. I don't know what i did wrong.
looks like you’re getting targeted, i’ve never seen this before. does your service have a public link?
what do you mean by targeted? yes it has
someone has a bot trying to get into your app
unless you have anything private in there, you’ll be fine
ah yes, someone tried to buy my site once but i declined. i was suspecting this as well.

then earlier today i implemented rate limiter. it stopped some requests (the 429 above in the screnshot) but i couldn't access the url that got 429 too myself.
Looks like they’re just iterating through a dictionary of words trying to find an endpoint
I wouldn’t worry about it since you’ve implemented a rate limit
it does look like some silly bot, but it's 192.168.0.x because that's railways proxy and you haven't trusted the proxy header X-Forwarded-For that shows the origin ip
ah thanks @Brody i've been wondering why it shows 192.168.0.x. how do i trust the proxy header so i can rate limit it properly?
nearly every framework in existence has a "trust proxy" or "real ip" middleware that looks at some proxy headers and updates the request object with the values from some proxy headers
thanks! i'm trying it now
after printing the user agent, turns out the request came from moz crawler. i setup crawler rules in the robots.txt now it's fine.
perfect, glad you found a solution!

Looking for more? Join the community!

Recommended Posts
sslIm new to all this so bare with me. I have a .dev site and the ssl giving me some issues. I'm gettiDeploy Logs Incorrectly Highlighting Logs as ErrorI'm having this issue with a custom log formatter on python defined like this: ``` formatter = loggDeployment stuck while pushing the image and failing after ~30minsHi, I have 4 environment in a project. I'm deploying fastapi application using uvicorn, it was takinpg_restoreIs remote postgres pg_restore from a local binary dump file supposed to take super long? It took likRemove 2FAHi!  I had a string of bad luck and lost my 2FA key for my account. Then I proceeded to use my recoRegion SelectionThe database and the services I work with are in the European region so I'm experiencing some delaysExperiencing crash with no output for the reason of the crash.Hello, I'm having issues with my project that I'm working on. I'm trying to test uploading some datRailway StrapiHi. It's taken me entire day and I think I am getting close. I deployed Strapi with postgres on RailLogs down?I haven't been able to see any logs, deploy or build or observability for the past 15 minDeploy from Gitlab failsI am getting the error: error sending request for url (https://backboard.railway-develop.app/graphRailway Github ActionHey i followed the blog online and am trying to deploy my railway app under a `backend/` directory iBuild slowHi, ive pushed some updates to my sveltekit app that makes my buildtime about 4 minutes for some reaIssue Deploying Laravel PHPHello, i'm trying to deploy an already existing project made in PHP, using Laravel, and i'm trying tCustom domain not showing CNameHi! Just wanted to deploy our main app to Railway but when adding a custom domain it shows an error custom domain via googleHi! I am trying to deploy to a custom domain managed by google, and saw a bunch of posts about issueenvironments are linked together?I've two environments, production and development. If I delete one service in development, it shoulDeployment stuck at building phaseDeployments are stuck at #3 [internal] load metadata for ghcr.io/railwayapp/nixpacks:ubuntu-1693872Outbound traffic to Google Pub/Sub limitedProject id: bc848a89-1faa-4b26-af86-58c13f7a2e99 I am using using google pub/sub with pull subscripAccessing secret env variables during build step```toml [variables] GOPRIVATE="github.com/stroomnetwork" STROOM_REPOS_ACCESS_KEY="ghp_THIS is Secretidle cron job resource usuageim playing around with cron jobs, and they seem to be using around 200mb of ram idly even when not r