This article is for users who would like to restrict access to their account to people based on specific IP address/es.
How to use IP restriction
Please consult the following process when considering setting up IP restrictions. If you already have the security features enabled on your account, please skip to step 3 below.
- Contact us by writing (help centre or email) to confirm you would like to enable IP restrictions on your account.
- We will confirm with you when this functionality has been enabled on your account.
- You will need to collect the IP address / range to be allowed access from your IT department.
- Once you have this, you will log into your account
- Click 'Account' in the top right corner
- Click 'Security' from the top menu
- Click 'IP Restrictions'
- Set up a new rule for your IP address / range
Before you enable IP restrictions
- You will need to be logged in as the account administrator.
- Familiarise yourself with the different rule definitions:
a) Allow - uses two-step verification, if it has been configured
b) Allow (skip two-step verification) - allows login and bypasses two-step verification
c) Allow (require two-step verification) - requires two-step verification process upon login
d) Deny - users will be unable to login
- If you use the API, you are able to restrict access for the API to specific IP's. API access outside those ranges will be blocked.
- You should reconfigure the default rule if required - this is the setting which will apply to anyone who logs in from an IP which has not been set up in your rules. Please note that if you deny access to all IP's not included in the IP rules list, any users in the excluded IP's may become locked out.
If the account being restricted is a sub-account in your Corporate account structure, users of the head / master account will still be able to access it - even if IP restrictions are in place.