IP Whitelist

The IP whitelist restricts access to a group so that requests are only accepted from trusted networks. When a whitelist is set, requests from any other address are rejected.

How it works

You add one or more allowed IP addresses to the group. From then on, access is limited to those addresses. This is an effective extra layer of protection for:

Queries published as a public API, so endpoints can only be called from your servers.
Sensitive groups where access should be limited to your office or VPN.

Setting the whitelist

Open the group's IP whitelist setting and enter the addresses you want to allow. Save to apply. An empty whitelist means no IP restriction is enforced.

Don't lock yourself out

Make sure your own current address (or your VPN's egress address) is included before you enable the whitelist, or you may lose access to the group.

Combining with other controls

The IP whitelist works alongside Kvery's other protections:

Thresholds and rate limits cap how often and how long queries run.
Share-hash passwords and expiry protect individual shared queries.
SSL and SSH secure the path between Kvery and your database.

Use these together for defence in depth.

How it works​

Setting the whitelist​

Combining with other controls​

How it works

Setting the whitelist

Combining with other controls