IP whitelisting is a security control that restricts access to your Rackwave portal and platform dashboards to only specific, pre-approved IP addresses. When enabled, login attempts from any IP address not on your whitelist are automatically blocked — even with valid credentials.
How IP Whitelisting Works
Without IP whitelisting, anyone who knows your email and password (and passes 2FA) can log in from anywhere in the world. With IP whitelisting:
- You define a list of allowed IP addresses or CIDR ranges (e.g. your office network, VPN, server IPs).
- Every login attempt is checked against this list.
- Attempts from IPs not on the whitelist are rejected at the login stage, before any credentials are checked.
- Attempts from whitelisted IPs proceed normally through the login flow.
Use Cases for IP Whitelisting
| Scenario | What to Whitelist |
|---|---|
| Small team working from a fixed office location | The static IP address assigned to your office internet connection |
| Remote team using a company VPN | The VPN's exit IP address — all team members appear to come from this IP when on VPN |
| API access from a production server | The static IP of your application server that makes API calls |
| Enterprise with multiple office locations | One IP or CIDR range per office, plus VPN exit IPs for remote workers |
| Automated scripts running on cloud servers | The static IP of each cloud instance (AWS Elastic IP, GCP External IP, etc.) |
IP Whitelist Formats Supported
| Format | Example | Covers |
|---|---|---|
| Single IPv4 address | 203.0.113.45 | Exactly one IP address |
| IPv4 CIDR range | 203.0.113.0/24 | All 256 addresses in that subnet (203.0.113.0 – 203.0.113.255) |
| Single IPv6 address | 2001:db8::1 | Exactly one IPv6 address |
| IPv6 CIDR range | 2001:db8::/32 | An IPv6 subnet block |
How to Set Up IP Whitelisting
- Log in to the Rackwave portal.
- Go to My Account → Security → IP Whitelist.
- Click Add IP Address.
- Enter the IP address or CIDR range you want to allow.
- Add a label for easy identification (e.g. Office — Jaipur, Production Server, VPN Exit Node).
- Click Add.
- Repeat for each IP or range you need to whitelist.
- Once at least one IP is added, the whitelist is automatically activated — all other IPs are immediately blocked.
How to Find Your Current IP Address
Before adding IPs to the whitelist, confirm your current IP address:
- Visit whatismyip.com or ipinfo.io from your browser.
- Or run the following command in your terminal:
curl ifconfig.me - For servers, check your cloud provider's instance details for the assigned static IP.
Challenges with Dynamic IPs
Most home internet connections use a dynamic IP — an IP address that changes periodically (every time you reconnect or after a set period). Dynamic IPs are not suitable for IP whitelisting on their own because the IP changes unpredictably, locking you out.
Solutions for users with dynamic IPs:
- Use a VPN with a static IP — connect to a commercial VPN that provides a fixed exit IP (many business VPN providers offer this). Whitelist that exit IP.
- Use a CGNAT or static IP add-on — some ISPs offer a static IP as an add-on. Contact your ISP to enquire.
- Whitelist a broad CIDR range — if your dynamic IP consistently falls within the same subnet (e.g. your ISP allocates from a known block), you can whitelist the entire /24 subnet. This is less secure but practical for some setups.
- Do not use IP whitelisting for portal login if all your team works remotely on dynamic IPs — rely on 2FA instead, which provides strong security without IP restrictions.
Removing an IP from the Whitelist
- Go to Security → IP Whitelist.
- Find the IP or range you want to remove.
- Click Remove.
- If this was the last IP on the whitelist, IP whitelisting is automatically deactivated and all IPs are allowed again.
IP Whitelisting for API Access
In addition to portal login, you can apply IP whitelisting to API key usage within MigoSMTP and Telnxo. This ensures API keys can only be used from your production server's IP — even if a key is stolen, it cannot be used from another IP address.
To enable API-level IP restriction, go to the platform dashboard → API Keys → Edit Key → Add Allowed IPs.