IP Access Feature
You can restrict or allow access to your deployment domain based on IP addresses using the IP Access feature, available in the Settings tab of your dashboard.
π§ How to Enable Itβ
- Go to the Settings tab.
- Switch from Basic Mode to Advanced Mode by toggling the mode switch.
IP Access Sectionβ
Once you're in Advanced Mode, you'll see the IP Access section. This section includes two tabs:
- Whitelist β Specify the IPs or CIDR ranges allowed to access your deployment domain.
- Blacklist β Specify the IPs or CIDR ranges that should be blocked from accessing your deployment.
These controls help you restrict access to your environments based on your organization's security needs.
βοΈ How It Worksβ
You can enter the following in either tab:
- A specific IP address (e.g.
203.0.113.5) - A CIDR range (e.g.
192.168.0.0/24)
The system determines access based on the following logic:
| Scenario | Access Result |
|---|---|
| IP exists in both Whitelist and Blacklist | β Blocked |
| IP exists in Whitelist only | β Allowed |
| IP exists in Blacklist only | β Blocked |
| IP exists in neither | β Allowed (default) |
β οΈ Note: If an IP is present in both lists, Blacklist takes precedence.
π¨ Conflict Detectionβ
If an IP is listed in both the Whitelist and Blacklist, the system will highlight the conflict in the UI to make it easy to resolve.
β Recommendation: For optimal behavior, use only one list β either Whitelist or Blacklist, not both.
π§ͺ Example: Blocking Your Own IPβ
Letβs walk through a real-world test using your public IP:
- Add your public IP address to the Blacklist tab.
- Click Save.
This action creates an Ingress annotation behind the scenes that blocks the IP at the Kubernetes level.
Now try accessing your deployment domain:
- From your machine (the blacklisted IP): You will receive a 403 Forbidden error.
- From another IP or machine: The domain will load normally.
