Restricting Access by IP Address

Applies To:

HTTP LargeThis platform has been optimized to cache and deliver static content (e.g., HTML, CSS, JavaScript, ISO, multimedia, and software downloads, etc.) over HTTP or HTTPS.

HTTP SmallLegacy. If you are currently serving traffic over this platform, then you may continue to do so. However, we recommend that you serve your traffic over our more robust HTTP Large platform.

ADNThe Application Delivery Network platform has been optimized to deliver dynamic content (e.g., login credentials, account information, etc.) over HTTP or HTTPS. Typically, user-specific and database-driven content are served over this platform.

TBAThe Token-Based Authentication feature enforces authentication prior to content delivery. Authentication takes place via an encoded token value that must be included in the request URL. This token value is then decrypted on an edge server. The requested content will only be delivered when the user meets the requirement(s) defined in the token.

Access may be restricted according to the requester's IP address. This can be accomplished by only allowing requests that originate from either:

A specific IP address.
HTTP-Based Platforms Only: An IP address associated with a specific subnet.

The set of allowed IP addresses can be defined through the ec_clientip parameter. A token containing this parameter will deny requests from all other IP addresses.

The ec_clientip parameter supports standard IPv4/IPv6 and CIDR notation.

Example

The following table provides sample values for the ec_clientip parameter.

Configuration Description	Sample ec_clientip Value	Allows Requests From
Allow requests from a specific IP address (IPv4)	11.22.33.44	11.22.33.44
Allow requests from any IP address associated with a specific subnet (IPv4)	11.22.33.0/22	11.22.32.1 to 11.22.35.254