I am running a server on AWS that listens for API calls from my Bubble app.
For security reasons I want to restrict the IP ranges that can talk to my AWS server. I just want the back end of my Bubble app to make the calls.
Is there a published list of Bubble IP ranges?
Not really. This feature is only available if you have a dedicated plan.
Bummer. I’ve implemented header security for APIs so hopefully not a huge deal, but it would have been nice to be able to lock it down further.
Do we know if Bubble uses, for instance, AWS, and I could just whitelist all AWS IP space? Obviously with this method an attacker could use an AWS intermediary, but it would still add some degree of extra protection.
