Looking to restrict access to your account to certain IP addresses? This guide will walk you through the process.
You will be required to have an understanding of IP addresses and IP ranges. If unsure, please get in touch with your IT provider or system administrator for details.
If you don't see the IP Restrictions option below, please submit a request with our Customer Success Team to have the feature enabled on your account first.
Before We Begin
- You will need to be logged in as the account administrator.
- Familiarise yourself with the different rule definitions:
- a) Allow - uses two-step verification, if it has been configured
- b) Allow (skip two-step verification) - allows login and bypasses two-step verification
- c) Allow (require two-step verification) - requires two-step verification process upon login
- d) Deny - users will be unable to login
- If you use the API, you are able to restrict access for the API to specific IP's. API access outside those ranges will be blocked.
- You should reconfigure the default rule if required - this is the setting which will apply to anyone who logs in from an IP which has not been set up in your rules. Please note that if you deny access to all IP's not included in the IP rules list, any users in the excluded IP's may become locked out.
- Please be aware that if the account being restricted is a sub-account in your Corporate account structure, users of the head / master account will still be able to access it - even if IP restrictions are in place.
- Log into your account and click the cog icon at the top right.
- Select the Security tab.
- Click IP Restrictions.
- Click Add Rule to configure your - to either allow, or deny, access - as required.
Additional Security Measures
You can also enable two-factor authentication (2FA) if you wish.