Configuring IP Address Whitelist

About IP Address Whitelist

IP address whitelists enhance repository security by restricting access to repositories by IP address.
Only access from whitelisted IP addresses is allowed.

IP address Whitelist Formats

IPv4 and IPv6 are supported. The following table lists the three formats of IP address whitelists.

**Table 1** IP address whitelist formats
Format	Description
Single IP address	This is the simplest IP address whitelist format. You can add the IP address of your computer to the whitelist, for example, 100...123.
IP address segment	If you have multiple servers and their IP addresses are consecutive or the IP address of your server dynamically changes in a network segment, you can add the IP address segment, for example, 100...0 to 100...255.
CIDR block	When your server on a LAN uses the CIDR, you can specify a 32-bit egress IP address of the LAN and the number of bits for a specified network prefix. Requests from the same IP address are accepted if the network prefix is the same as the specified one. In contrast, access from servers of other users in the same IP LAN are intercepted because the network prefix is not the specified one. For example: 100...11/12.

Configuring IP Address Whitelist

IP address whitelists can be created in the following levels:

The IP address whitelist can be configured only for repositories whose visibility is Private. Repositories whose visibility is Public read-only or Public are not supported.

IP Address Whitelist for Repository. It allows access only from IP addresses in the whitelist to a specific repository. To set the whitelist, choose Settings > Security Management > IP Address Whitelist for Repository. IPv4 and IPv6 addresses are supported. For details, see IP address Whitelist Formats.
Personnel in the IP address whitelist are allowed to clone the Git client or download the repository source code on the UI.

If no IP address whitelist is configured, all IP addresses are allowed.