Thanks a lot for the detailed response Jeff. I will surely look at the API that you suggested.
On Monday, 11 January 2016 01:08:52 UTC+5:30, Jeff Schnitzer wrote: > > Please star this issue: > > https://code.google.com/p/googleappengine/issues/detail?id=7415 > > I have to warn you, however, what you are doing (forwarding all traffic > through a proxy) is dangerous. Google has some sort of attack detection and > prevention system that recognizes malicious traffic patterns and blocks out > access from suspect IP addresses. Because all of your traffic will be > coming from a single IP address, if an attacker trips this mechanism, > Google will block _all_ of your traffic. > > This defensive system is totally undocumented, but it does exist - a > couple years ago, this resulted in my website being shut down because I was > proxying all traffic through CloudFlare. After about half a day of > downtime, Google and CF got together and whitelisted the appropriate IP > addresses. Running your own private proxy means this is failure case is > less likely to happen, but it also means that if it does happen, you alone > will have to work through Google's support tiers find someone who > understands the issue. > > I also run a whitelabeled system with hundreds of domains. The > verification system is a huge PITA, especially because verification is tied > to google *user accounts* and not the application project (that's right - > the GAE "custom domains" panel looks totally different depending on who you > are logged in as). However, there is an API for it: > > https://developers.google.com/site-verification/ > > I haven't tried it yet, but if you do, please report back. > > Jeff > > > On Sun, Jan 3, 2016 at 11:22 PM, Mayank Bhagya <[email protected] > <javascript:>> wrote: > >> Thanks for the reply Adam. >> >> We're already forwarding the IP address as a request header, but Google >> doesn't derive lat-long, country etc. using the forwarded IP. >> It uses the IP of the nginx machine to derive the lat long, country and >> other data. >> >> So my question is if there exists a way to tell GAE to use a particular >> header for extracting the IP address. >> >> On Monday, 4 January 2016 01:14:12 UTC+5:30, Adam (Cloud Platform >> Support) wrote: >>> >>> You could try forwarding them as extra custom headers, as in this >>> example >>> <https://easyengine.io/tutorials/nginx/forwarding-visitors-real-ip/>, >>> and then check for these different headers on App Engine. >>> >>> On Friday, January 1, 2016 at 2:39:45 AM UTC-5, Mayank Bhagya wrote: >>>> >>>> >>>> Hello, >>>> >>>> I am using nginx as a reverse proxy in front of my appengine app. >>>> >>>> So the client's IP doesn't turn up in the remote_addr of the request >>>> that reaches app engine. >>>> Instead, remote_addr has the ip of the machine running nginx. >>>> >>>> So lat-lng, country and other headers are not getting populated >>>> correctly. >>>> Is there anyway I can tell appengine to use the forwarded IP to compute >>>> lat-lng, country etc? >>>> >>>> Thanks. >>>> -mayank >>>> >>> -- >> You received this message because you are subscribed to the Google Groups >> "Google App Engine" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To post to this group, send email to [email protected] >> <javascript:>. >> Visit this group at https://groups.google.com/group/google-appengine. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/google-appengine/e1d78479-2905-4333-941d-342063262ef7%40googlegroups.com >> >> <https://groups.google.com/d/msgid/google-appengine/e1d78479-2905-4333-941d-342063262ef7%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/8c0f8164-e1bb-4a29-8686-5dc006f9d40e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
