Information for: DEVELOPERS   PARTNERS

Securing your application with IP address whitelisting

As an optional security measure, you can configure an application to allow only IP addresses you specify to access it in the Cloud Platform user interface.

By default, users who are members of a team assigned to an application can sign in to the Cloud Platform user interface and access the application from any IP address. Cloud Platform controls user access with a username and password, the roles and permissions assigned to users, and optionally, two-step verification.

For extra security, you can prohibit users from signing in to the Cloud Platform user interface unless they do so from one of the IP addresses you specify. This feature, IP address whitelisting, affects only access to the Cloud Platform user interface. IP address whitelisting doesn’t affect normal access to the websites you host on Cloud Platform.

Note

For information about using Acquia Shield to manage SSH access, see Controlling access with Acquia Shield.

Enabling IP address whitelisting

Only users who have the Owner or Administrator role for an application’s organization can enable or disable IP address whitelisting for an application. To enable IP address whitelisting, complete the following steps:

  1. Sign in to Cloud Platform with the Owner or Administrator role.

  2. Select the application you want to work with.

  3. In the menu on the left side, click Security.

  4. On the Security page, click Edit Settings to open the Edit security settings page.

  5. In the IP restrictions list, click Only allow whitelisted IPs.

  6. Enter an IP address you want to allow to access your application through the Cloud Platform user interface. Click Add another to add more IP addresses.

    Note

    Cloud Platform doesn’t support adding IP address ranges.

  7. Click Save.

If you must whitelist Acquia’s IP addresses for your websites or services, contact Acquia Support to obtain the necessary information.

Note

Acquia employees with the proper permissions (such as members of Acquia Support) can still access your Acquia applications.