Security News
Meet Socket at Black Hat Europe and BSides London 2025
Socket is heading to London! Stop by our booth or schedule a meeting to see what we've been working on.
By Anders Søndergaard - Nov 11, 2025
repoze.what.plugins.ip
Advanced tools
- Version
- 0.2
- Maintainers
- 1
repoze.what.plugins.ip
It is a repoze.what_ plugin that provides an ip_from predicate.
Installation
easy_install_::
$ <env>/bin/easy_install repoze.what.plugins.ip
pip_::
$ <env>/bin/pip install repoze.what.plugins.ip
Source
The source code can be found at code.google.com_.
Usage
ip_from([allowed=None], [proxies=None]) checks whether REMOTE_ADDR in the
environment points to an allowed IP address. If HTTP_X_FORWARDED_FOR is set
in the environment (meaning proxy access) then REMOTE_ADDR is treated as a proxy
address and HTTP_X_FORWARDED_FOR as an originating IP address.
allowed optional, default - None
A list of IPs to allow access. Can be a string which is then interpreted as
a single IP address
proxies optional, default - None
If a list or tuple provided then treated as a list of authorized proxy IP
addresses.
If a string or unicode provided then treated as a single IP address.
Any other value - ``bool(proxies) == True`` means that all proxies are
accepted
You can filter the incoming IP address::
>>> from repoze.what.plugins.ip import ip_from
>>> p = ip_from(allowed=['192.168.1.1'])
>>> env = {'REMOTE_ADDR': '192.168.1.1'}
>>> p.is_met(env)
True
>>> env = {'REMOTE_ADDR': '192.168.1.10'}
>>> p.is_met(env)
False
By default proxy access is disabled. You can enable it with proxies=True::
>>> p = ip_from(allowed=['192.168.0.0/24'], proxies=True)
>>> env = {
... 'REMOTE_ADDR': '192.168.1.1', # proxy
... 'HTTP_X_FORWARDED_FOR': '192.168.1.5' # origin
... }
>>> p.is_met(env)
True
And you can also explicitly specify proxies to allow::
>>> p = ip_from(allowed='192.168.1.5', proxies=['192.168.0.0/24'])
>>> env = {
... 'REMOTE_ADDR': '192.168.1.1', # proxy
... 'HTTP_X_FORWARDED_FOR': '192.168.1.5' # origin
... }
>>> p.is_met(env)
True
.. _repoze.what: http://what.repoze.org/docs/1.0/ .. _easy_install: http://peak.telecommunity.com/DevCenter/EasyInstall .. _pip: http://pip.openplans.org/ .. _code.google.com: http://code.google.com/p/repoze-what-plugins-ip/
FAQs
ip based restrictions for repoze.what.
We found that repoze.what.plugins.ip demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
OWASP 2025 Top 10 Adds Software Supply Chain Failures, Ranked Top Community Concern
OWASP’s 2025 Top 10 introduces Software Supply Chain Failures as a new category, reflecting rising concern over dependency and build system risks.
By Sarah Gooding - Nov 08, 2025
Research
/Security News
9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads
Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.
By Kush Pandya - Nov 06, 2025