edit-icon download-icon

Set IP whitelists

Last Updated: Jan 17, 2018

To guarantee database security and stability, ApsaraDB for MongoDB automatically adds the IP address 127.0.0.1 to the whitelist after an instance is created. Therefore, after you create an instance, add the IP addresses or segments that need to access the database to the whitelist. MongoDB allows you to add up to 1,000 IP addresses.

Note: Before using a target instance, you must modify the whitelist.

Add an IP whitelist

  1. Log on to the MongoDB console and find the target instance.

  2. Click the instance ID or View to go to the Basic Information page.

  3. Click Security Control to go to the Security Control page, as shown in the following figure.

    Add IP addresses

  4. You can select Manually Modify or Import ECS Intranet IP to set the IP whitelist.

    • Click Manually Modify to manually enter IP addresses or segments, and click OK, as shown in the following figure:

      Add IP addresses manually

    • Click Import ECS Intranet IP. The system displays the ECS intranet IP addresses in the same account. You can select an ECS intranet IP address, add it to the whitelist, and click OK, as shown in the following figure.

      Import ECS Intranet IP

Note:

  • Separate the IP addresses by commas (,). You can add up to 1,000 unique IP addresses/IP segments. Supported IP address formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (CIDR mode; classless inter-domain routing; /24 indicates the length of the prefix in the IP address; the prefix length ranges from 1 to 32).

  • 0.0.0.0/0 and a blank field indicates no IP access restriction. In this case, the database may have a high security risk. It is advised to set the access permission only for the Internet IP address/IP address segment of your Web server.

Subsequent operations

Using the whitelist correctly can enhance access security protection for MongoDB. We recommend that you regularly maintain the whitelist.

You can select Manually Modify or Import ECS Intranet IP to set the IP whitelist.

Thank you! We've received your feedback.