Allow Inbound Connections from Specified Hosts (Deny All Others)
The following procedure describes how to change the global IP access setting to Deny by Default and specify some hosts to allow.
With this setting in effect, the server denies most hosts and allows some.
Important: | Before you switch your global setting to Deny by Default, make sure you have at least one port that does not rely on the global setting and allows at least one host. If you inadvertently lock all hosts out of the server, you can correct the problem by manually updating the appropriate configuration file. See If You Inadvertently Deny IP Access
to All Hosts for instructions. |
To allow inbound requests from only specified hosts
1. Open the Integration Server Administrator if it is not already open.
2. In the Security menu of the Navigation panel, click Ports.
3. Click Change Global IP Access Restrictions.
4. Click Change IP Access Mode to Deny by Default.
The server changes the access mode and displays a screen from which you can add hosts to the Allow List. Notice that the server has already included the host name and IP address of the machine from which you are using the Integration Server Administrator so that you are not locked out of the server.
5. Click Add Hosts to Allow List.
6. Specify the host names (e.g., workstation5.webmethods.com) or IP addresses (e.g. 132.906.19.22 or 2001:db8:85a3:8d3:1319:8a2e:370:7348) of hosts from which the server is to accept inbound requests. Separate your entries with commas, for example: *.allowme.com, *.allowme2.com.
The host names or IP addresses can include upper and lower case alphabetic characters, digits (0-9), hyphens (-), and periods (.) but cannot include spaces. For IPv6, IP addresses can also include colons (:) and brackets ([]).
Note: | IP addresses are harder to spoof, and therefore more secure. |
You can use the following pattern-matching characters to identify several clients with similar host names or IP addresses.
Char | Description | Example |
* | Matches any number of characters | r*.webmethods.com |
? | Matches any single character | workstation?.webmethods.com |
7. Click Add Hosts.