All Products
Search

This Product

    Lindorm:Configure whitelists

    Document Center

    Lindorm:Configure whitelists

    Last Updated:Sep 20, 2025

    By default, no device can access a Lindorm instance. This default setting ensures security and stability. Before you use an instance, you must configure a whitelist to allow access from external devices. Properly configuring and regularly maintaining whitelists provides a higher level of security for your Lindorm instances.

    Preparations

    Before you configure a whitelist for a Lindorm instance, obtain the IP addresses of the clients that require access.

    Client location

    Network type

    How to obtain the client IP address

    (Recommended) ECS instance

    Virtual private cloud (VPC)

    Query the IP address of an ECS instance

    Note

    Make sure that the ECS instance and the Lindorm instance are in the same VPC.

    Local

    Internet

    Select a method based on the operating system of the on-premises device:

    • Linux: On the on-premises device, run the curl ipinfo.io |grep ip command to obtain its public IP address.

    • Windows:

      • Method 1: On the on-premises device, visit this website to obtain its public IP address.

      • Method 2: Open Command Prompt (CMD) and run the curl ifconfig.me command.

    Procedure

    Warning

    Setting the IP address segment to 0.0.0.0/0 allows all IP addresses to access the Lindorm instance. This creates a high security risk for Lindorm. Therefore, do not add 0.0.0.0/0 to the whitelist.

    1. Log on to the Lindorm console.

    2. In the upper-left corner of the page, select the region where the instance is deployed.

    3. On the Instances page, click the ID of the instance that you want to manage or click Manage in the Actions column corresponding to the instance.

    4. In the left navigation pane, select Access Control.

    5. Click Create Whitelist Group.

    6. In the Create Whitelist Group dialog box, set the Group Name and IP Whitelist.

      Important

      • A group name can contain only letters, digits, and underscores (_).

      • The following formats are supported for IP addresses or IP address segments:

        • A single IP address, such as 192.0.XX.XX.

        • IP address segments in CIDR notation (Classless Inter-Domain Routing), such as 192.0.XX.XX/24. The number after the slash (/) indicates the prefix length of the address. The value can range from 1 to 32.

      • Separate multiple IP addresses or IP address segments with a comma (,).

      • If you set the IP address to 127.0.0.1, you prevent access from all external IP addresses.

    7. Click OK.

      You can then click Modify Group in the Actions column for the target Group Name to modify its whitelisted IP addresses. You can also create a new whitelist group.