You can configure whitelists for your PolarDB-X instance. Whitelists do not affect the performance of the PolarDB-X instance in a negative manner. We recommend that you manage the whitelists of your database instance on a regular basis. This can help ensure that the data on your PolarDB-X instance is secure. This topic describes how to configure a whitelist for your PolarDB-X instance.
Note
After you create a database in your PolarDB-X instance, the default whitelist contains only the
127.0.0.1IP address. In this case, no IP addresses can access the database. To ensure that your data is secure, we recommend that you specify only the public IP addresses or CIDR blocks of your web servers in the whitelists of your instance.You can create up to 50 whitelists for a PolarDB-X instance, and each whitelist can contain up to 300 IP addresses and CIDR blocks.
Add a whitelist
Log on to the PolarDB for Xscale console.
In the top navigation bar, select the region where the target instance is located.
On the Instances page, click the PolarDB-X 2.0 tab.
Find the target instance and click its ID.
In the left-side navigation pane, choose ConfigurationManagement > Safety management.
On the Whitelist settings tab, click Add Whitelist.
In the Add Whitelist panel, configure the parameters.
Parameter
Description
Group name
Specify a name for the whitelist.
Whitelist in group
Specify IP addresses.
NoteYou can enter IP addresses and CIDR blocks. For example, you can enter the 192.168.0.1 IP address and the 192.168.0.0/24 CIDR block.
You can specify up to 300 IP addresses and CIDR blocks in a whitelist.
Separate multiple IP addresses and CIDR blocks with commas (,). For example, you can enter 192.168.0.1,192.168.0.0/24.
If you want to block access from all IP addresses, you can specify 127.0.0.1 in the whitelist.
PolarDB-X supports filling in an IP address of 0.0.0.0/0, which is open to all IP addresses. Set to 0.0.0.0/0 has a security risk, please use it carefully.
Click OK.
NoteThe whitelist takes effect approximately 1 minute after it is created.
Modify a whitelist
Log on to the PolarDB for Xscale console.
In the top navigation bar, select the region where the target instance is located.
On the Instances page, click the PolarDB-X 2.0 tab.
Find the target instance and click its ID.
In the left-side navigation pane, choose ConfigurationManagement > Safety management.
On the Whitelist settings tab, find the whitelist that you want to modify and click Config in the Operation column.
In the Configure whitelist panel, update the IP addresses or CIDR blocks in the Whitelist in group field.
Parameter
Description
Whitelist in group
Update the IP addresses or CIDR blocks.
NoteYou can enter IP addresses and CIDR blocks. For example, you can enter the 192.168.0.1 IP address and the 192.168.0.0/24 CIDR block.
You can specify up to 300 IP addresses and CIDR blocks in a whitelist.
Separate multiple IP addresses and CIDR blocks with commas (,). For example, you can enter 192.168.0.1,192.168.0.0/24.
If you want to block access from all IP addresses, you can specify 127.0.0.1 in the whitelist.
PolarDB-X supports filling in an IP address of 0.0.0.0/0, which is open to all IP addresses. Set to 0.0.0.0/0 has a security risk, please use it carefully.
Click OK.
NoteThe whitelist modification takes effect after approximately 1 minute.
Delete a whitelist
Log on to the PolarDB for Xscale console.
In the top navigation bar, select the region where the target instance is located.
On the Instances page, click the PolarDB-X 2.0 tab.
Find the target instance and click its ID.
In the left-side navigation pane, choose ConfigurationManagement > Safety management.
On the Whitelist settings tab, find the whitelist that you want to delete and click Delete in the Operation column.
In the message that appears, click OK.