# Configure IP Restriction

**IP Restriction** enables you to define which IP addresses can access your CDN Resources by using either **whitelist** or **blacklist** rules.\
When configured, access control is enforced at the **CDN edge**, ensuring that unauthorized requests are blocked before they reach your origin server.

You can enable IP Restriction for each CDN Resource in the [**Medianova Control Panel**](https://cloud.medianova.com).

{% stepper %}
{% step %}
**Access the IP Restriction**

1. Log in to the **Medianova Control Panel**.
2. Go to **CDN → CDN Resources**.
3. Select the resource where you want to apply IP restrictions.
4. Click the **Security** tab.
5. Open the **IP Restriction (ACL)** section.

{% hint style="info" %}
IP Restriction is available only for active CDN Resources.
{% endhint %}
{% endstep %}

{% step %}
**Choose Restriction Mode**

Select one of the following modes based on your access policy:

<table><thead><tr><th width="138">Mode</th><th>Description</th></tr></thead><tbody><tr><td><strong>Whitelist</strong></td><td>Only the IP addresses you add will be allowed. All others will be blocked.</td></tr><tr><td><strong>Blacklist</strong></td><td>The IP addresses you add will be blocked. All others will be allowed.</td></tr></tbody></table>

{% hint style="info" %}
Whitelist and Blacklist modes are **mutually exclusive** — only one can be active at a time.
{% endhint %}
{% endstep %}

{% step %}
**Add IP Addresses or Ranges**

1. Click **Add IP**.
2. Enter an IP address or subnet range in CIDR format (e.g., `192.168.0.0/24`).
3. Press **Enter** or click the **+** icon to add it to the list.
4. Repeat for additional IPs or ranges.
5. Click **Save** to apply changes.

{% hint style="info" %}
Use CIDR notation to efficiently manage large network ranges.
{% endhint %}
{% endstep %}

{% step %}
**Edit or Remove Existing Entries**

* **Edit:** Click the **Edit** icon to update an IP or range.
* **Delete:** Click the **Delete** icon to remove it.
* **Save Changes:** Click **Save** after every modification to ensure updates are applied at the edge.

{% hint style="info" %}
**Removing an entry from a Whitelist immediately blocks that IP from accessing your resource.**
{% endhint %}
{% endstep %}

{% step %}
**Verify Configuration**

Once saved, you can verify your configuration:

* Attempt access from an **allowed IP** → content should load successfully.
* Attempt access from a **restricted IP** → access should be denied or redirected.
* Review logs or analytics to confirm correct enforcement.

{% hint style="info" %}
Test from different networks (VPN, mobile, or office IPs) to ensure your list is accurate.
{% endhint %}
{% endstep %}
{% endstepper %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://clients.medianova.com/products/security/ip-restriction/configure-ip-restriction.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.