An IP address blacklist or whitelist is used to identify and filter users. This helps you restrict access to Content Delivery Network (CDN) nodes and improve service security. This topic describes how to configure an IP address blacklist or whitelist.
Background information
- If an IP address blacklist is configured, the IP addresses in the blacklist are not allowed to access CDN nodes.
- If an IP address whitelist is configured, only IP addresses in the whitelist are allowed to access CDN nodes.
Note
- IP blacklists and whitelists support IPv6 addresses. Letters in IPv6 addresses must be uppercase, for example, 2001:DB8:0:23:8:800:200C:417A and 2001:0DB8:0000:0023:0008:0800:200C:417A. The representation of an IPv6 address must not be shortened. For example, 2001:0DB8::0008:0800:200C:417A is not supported.
- Both IP blacklists and whitelists support Classless Inter-Domain Routing (CIDR) blocks. For example, in the 192.168.0.0/24 CIDR block, /24 indicates that the first 24 bits in the subnet mask are the network bits. The remaining 8 bits are host bits. The number of host bits is calculated based on the following formula: 32 - 24 = 8. You can connect 254 hosts to the subnet. The number of hosts is calculated based on the following formula: 2^8 - 2 = 254. Therefore, 192.168.0.0/24 represents IP addresses from 192.168.0.1 to 192.168.0.254.