Restrict access to specific IP ranges (instance security hardening)
Use the com.snc.ipauthenticator property to restrict access to specific IP ranges. Unless public access is intended for the instance, administrators should limit access to their assigned IP net blocks.
Prerequisites
Before setting this property, you must activate the IP Range Based Authentication com.snc.ipauthenticator plugin. To learn more, see IP range based authentication and in the Steps to configure section (below).
More information
| Attribute | Description |
|---|---|
| Plugin Name | com.snc.ipauthenticator |
| Configuration type | System Security > IP Address Access Control |
| Configure in Instance Security Center | Yes |
| Purpose | To add the range of IP address that can or can't access the instance to the trusted and untrusted domain lists. |
| Recommended value | Active |
| Functional Impact | Customer-denied IP ranges are used for this remediation item. No impact as customer defines the target list. |
| Security risk | (Low) Unnecessary exposure to the target instance on the internet should be restricted with the help of IP access controls functionality. |
| References | IP range based authentication |
Steps to configure
- Ensure that the com.snc.ipauthenticator plugin is active.
- Navigate to .
- Click New to create an exclusion list (Deny) or an inclusion list (Allow) of IP addresses.
- Click Submit.