Information for: DEVELOPERS   PARTNERS

Securing your application with IP address whitelisting

The Pipelines user interface is incompatible with IP address whitelisting. Use pipelines from the command line instead. For more information, see this known issue.

As an optional security measure, you can configure an application to allow only IP addresses you specify to access it in the Acquia Cloud user interface.

By default, users who have access to an application, by being a member of a team assigned to an application, can sign in to the Acquia Cloud user interface and access the application from any IP address. Acquia Cloud controls user access with a username and password, the roles and permissions assigned to users, and optionally, two-step verification.

For more security, you can prohibit users from signing in to the Acquia Cloud user interface unless they do so from one of the IP addresses you specify. This feature, IP address whitelisting, affects only access to the Acquia Cloud user interface; it doesn’t affect normal access to the websites you host on Acquia Cloud.

Note

For information about using Acquia Cloud Shield to manage SSH access, see Controlling access with Acquia Cloud Shield.

Enabling IP address whitelisting

Only users who have the Owner or Administrator role for an application’s organization can enable or disable IP address whitelisting for an application. To enable IP address whitelisting, complete the following steps:

  1. Sign in to Acquia Cloud with the Owner or Administrator role.

  2. Select the application you want to work with.

  3. In the menu on the left side, click Security.

  4. On the Security page, click Edit to open the Edit security settings page.

    Editing security settings

  5. Under IP restrictions, select Only allow whitelisted IPs.

  6. Enter an IP address you want to allow to access your application through the Acquia Cloud user interface. Click Add another to add more IP addresses.

  7. Click Save.

If you must whitelist Acquia’s IP addresses for your websites or services, contact Acquia Support to obtain the necessary IP address ranges.

Note

Acquia employees with the proper permissions (such as members of Acquia Support) will still be able to access your Acquia applications.