---
title: "Securing your application with IP address allowlisting"
date: "2024-02-14T06:18:38+00:00"
summary: "Enhance your application's security with IP address allowlisting. Learn how to restrict Cloud Platform UI access to specific IP addresses, adding an extra layer of protection for your Drupal site."
image:
type: "page"
url: "/acquia-cloud-platform/securing-your-application-ip-address-allowlisting"
id: "58105166-96f2-47d8-93a2-e9cad4ef0f55"
---

As an optional security measure, you can configure an [application](/acquia-cloud-platform/manage-apps/cloud-platform-interface) to allow only IP addresses you specify to access it in the Cloud Platform user interface.

By default, users who are [members of a team](/acquia-cloud-platform/access/teams) assigned to an application can sign in to the Cloud Platform user interface and access the application from any IP address. Cloud Platform controls user access with a username and password, the [roles and permissions](/acquia-cloud-platform/access/teams/roles) assigned to users, and optionally, [two-step verification](/acquia-cloud-platform/access/two-step-verification).

For extra security, you can prohibit users from signing in to the Cloud Platform user interface unless they do so from one of the IP addresses you specify. This feature, _IP address allowlisting_, affects only access to the Cloud Platform user interface. IP address allowlisting doesn’t affect normal access to the websites you host on Cloud Platform.

Note

For information about using Shield to manage SSH access, see [Controlling access with Shield](/acquia-cloud-platform/add-ons/shield/allowlist).

Enabling IP address allowlisting
--------------------------------

Only users who have the _Owner_ or _Administrator_ role for an application’s [organization](/acquia-cloud-platform/access/teams/organizations) can enable or disable IP address allowlisting for an application.   
To enable IP address allowlisting:

1.  [Sign in to the Cloud Platform user interface](/node/55875) with the _Owner_ or _Administrator_ role.
2.  Select the application you want to work with.
3.  In the menu on the left side, click **Security**.
4.  On the **Security** page, click **Edit Settings** to open the Edit security settings page.
5.  In the **IP restrictions** list, click **Only allow allowlisted IPs**.
6.  Enter an IP address you want to allow to access your application through the Cloud Platform user interface. Click **Add another** to add more IP addresses. Cloud Platform does not support adding IP address ranges.
7.  Click **Save**.

If you must allowlist Acquia’s IP addresses for your websites or services, [create a Support ticket](https://docs.acquia.com/service-offerings/support#contact-acquia-support) to obtain the necessary information.

Note

Acquia employees with the proper permissions (such as members of Acquia Support) can still access your Acquia applications.