I'm currently using an API to display reviews on my Webstudio site. For security reasons, I need to restrict access to my API to specific IP addresses. However, I've noticed that the IP address used by Webstudio for fetch requests seems to change regularly.
As a result, I'm stuck. Does anyone have a solution to manage this problem of dynamic IP addresses with Webstudio and APIs?
You don't think that an unrestricted API key could allow malicious users to get hold of it and use it? I don't know what the standard is, I have played very little with the Google API keys
@John Siciliano No, unfortunately I did a lot of research on this subject and for the Google Maps "Place View" API, it does not work. You must use IP addresses (I also asked Google Cloud Console support)
Somehwere in billing you can say max amount. Even if you did restrict the key, thats not protecting you from mistakes on your side.. what if you implement some infinite redirect and it calls it many times?
Because IPs changes, our infrastructure can change, and im not confident in the IP to block. It's also not needed if you implement a quota as you'll be protected in the very unlikely event your key is leaked