When working with applications in ASP.NET Core 6, you will often want to create an IP address whitelist to allow client requests only from certain IP addresses, while blocking requests from all other addresses. We do this to protect our API endpoints from potentially malicious requests from bad actors, while at the same time allowing requests originating from trusted IP addresses.
Also called an IP safelist, an IP whitelist helps to ensure that our application’s sensitive data is exposed only to IP addresses that we know and trust. An IP whitelist can be implemented in ASP.NET Core by using middleware or by using MVC action filters. This article shows how we can implement an IP whitelist in ASP.NET Core 6 by using middleware.