We (Meshify) are trying to use Netlify for deployment of a new app, until some issues are fixed, we would like only a whitelist of particular IP addresses to access the app. Password auth doesn’t work simply because our internal users might share the password on accident. Is there any way to setup netlify so that the site can only be used if I am accessing from a particular set of IPs?
Hi, @jdetle, and welcome to our community site.
At this time, there is no way to allow or block access to a Netlify site based on the IP address the request comes from.
Is this still the case? We would like to use a site audit bot which requires whitelisting of IP’s.
Hi, @danwade0, and welcome to the Netlify site.
Yes, this is unchanged. There is no way to allow or deny access to a site based on IP address at this time.
Please note, if you are doing load testing or security/penetration testing, that needs to be scheduled and approved by Netlify in advance.
If the audit bot is just checking your site to see if it meets certain security requirements, in most cases there won’t be anything to block it from making these checks. Again though, we do want to know in advance just in case so if it does cause issues.
That way, if the scan is breaking something, we will know who to contact and so we can ask for the scan to stop if necessary. Also, knowing in advance will keep up from blocking the IP address as an attack if the volume of traffic is high. It sounds like this blocking is what the audit bot company is trying to prevent.
If you do want to get approval for a site scan, please let us know and we’ll contact you to get more details.