How do I whitelist an IP Address / Network Range?
Linode
Linode Staff
I was told that I need to whitelist an extensive range of network addresses and ranges provided in a list. How do I go about this process?
For example:
192.168.0.0/24
10.0.1.0/23
203.0.113.0/24
198.51.100.34/32
1 Reply
hphillips
Linode Staff
It should be noted that this question could be in regard to many different types of software and systems, all of which may implement whitelisting in different ways. In this answer I will try to cover two common cases of whitelisting, the iptables firewall and the Apache web server.
iptables
By default on most Linux distributions, the default policy is to allow traffic, however if you have configured your IP tables rules to default to deny traffic, you can use this guide to learn more about firewall rules.
https://www.linode.com/docs/security/firewalls/control-network-traffic-with-iptables/
In general you will create a series of rules that will look like corresponding to the lines above:
iptables -I INPUT -s 192.168.0.0/24 -j ACCEPT
iptables -I INPUT -s 10.0.1.0/23 -j ACCEPT
iptables -I INPUT -s 203.0.113.0/24 -j ACCEPT
iptables -I INPUT -s 198.51.100.34/32 -j ACCEPT
Apache
For Apache, you will want to modify the configuration file for your web site. For example your web sites configuration file is in /etc/http/conf/httpd.conf, you would add rules like the following:
<Directory /var/www/>
Order allow,deny
Allow from 192.168.0.0/24
Allow from 10.0.1.0/23
Allow from 203.0.113.0/24
Allow from 198.51.100.34/32
</Directory>