To ensure the security and stability of Lindorm, the system prevents devices from accessing Lindorm instances by default. Before you use a Lindorm instance, configure a whitelist for the instance to allow external devices to access the instance. The security of Lindorm instances can be enhanced if you properly configure whitelists. We recommend that you maintain your whitelists on a regular basis.

Before you begin

Before you configure an IP whitelist for a Lindorm instance, obtain the IP addresses of the clients from which you want to allow access to the instance based on the installation locations.
Client installation location Network type How to obtain the IP address of a client
(Recommended) Elastic Compute Service (ECS) instance Virtual private cloud (VPC) Check the IP address of the ECS instance. For more information, see How do I query the IP addresses of ECS instances?
Note Make sure that the ECS instance and the Lindorm instance reside in the same VPC.
On-premises device Internet Select one of the following methods based on the operating system of the on-premises device:
  • Linux: Run the curl ipinfo.io |grep ip command on the on-premises device to obtain its public IP address.
  • Windows: Visit https://www.ip138.com/ on the on-premises device to obtain its public IP address.

Procedure

  1. In the left-side navigation pane, click Access Control.
  2. On the page that appears, click Modify Whitelist.
  3. In the Modify Whitelist dialog box, add the IP addresses or CIDR blocks from which you want to allow access to the instance to the whitelist.
    Note
    • You can specify the IP addresses or CIDR blocks in the following formats:
      • Use a single IP address. For example, you can add 192.0.XX.XX.XX to the whitelist.
      • Use Classless Inter-Domain Routing (CIDR) notation to specify IP ranges. For more information about CIDR notation, see What is CIDR? For example, you can add 192.0.XX.XX/24 to the whitelist. The suffix /24 indicates that the network prefix of the CIDR block is 24 bits in length. The value of the suffix ranges from 1 to 32.
    • Separate multiple IP addresses or CIDR blocks with commas (,).
    • If you add 0.0.0.0/0 to the whitelist, all IP addresses can access the Lindorm instance. In this case, high security risks occur on Lindorm. Proceed with caution.
    • If you add 127.0.0.1 to the whitelist, all IP addresses are prohibited from accessing the Lindorm instance.
  4. Click OK.