[pudsec]

Be careful, there's ways around just blocking the IP address;

https://myraah.io/index.php/visualmind/report/aHR0cDovL2F3c2...

[stevekemp]

Agreed. I put together a little library to handle denying access to "local" resources, to abstract this a little and avoid overlooking common mistakes:

https://github.com/skx/remotehttp