IP Restriction
Control access to your CDN Resources by allowing or blocking specific IP addresses through whitelist or blacklist configurations.
IP Restriction (Access Control List – ACL) allows you to manage which IP addresses can access your CDN Resource. You can choose between two modes: Whitelist or Blacklist, to define how access is granted or denied.
Whitelist Mode: Only the IP addresses you specify are allowed to access your resource. All other IPs are denied.
Blacklist Mode: The IP addresses you specify are denied access. All other IPs are allowed.
Whitelist and Blacklist modes are mutually exclusive — only one can be active at a time.
Why Use IP Restriction?
Use IP Restriction to:
Protect internal or staging environments from unauthorized access.
Restrict API access to trusted partners or corporate networks.
Block known malicious IP ranges or suspicious activity.
Ensure compliance with internal security policies.
Key Features
Whitelist Mode – Only the IP addresses you specify are allowed to access the resource. All other traffic is blocked.
Blacklist Mode – The IP addresses you specify are denied access, while all other IPs are permitted.
Edge-Level Enforcement – Filtering occurs at the CDN edge, ensuring zero impact on origin performance.
CIDR Range Support – Define large IP ranges using CIDR notation (e.g.,
192.168.1.0/24
).Mutually Exclusive Modes – You can use either whitelist or blacklist mode, but not both simultaneously.
Use Whitelist mode for restricted corporate APIs and Blacklist mode for public-facing applications that need selective blocking.

Medianova’s IP Restriction system provides a simple yet powerful way to enforce access control at the CDN level. By validating requests before they reach your infrastructure, it prevents unauthorized access and improves overall performance stability. Combined with other Security features such as Rate Limiting, WAF, and Hotlink Protection, it forms a robust multi-layer defense mechanism.
Last updated
Was this helpful?