Rune Backman Posted August 23, 2022 Posted August 23, 2022 Hi, We are configuring new development and staging environments of our forum and since both environments are restricted to only our IPs, we struggle to sign in to Invision Marketplace from the Admin CP. I'm already familiar with the solution in this topic but if possible, I would need to know the IP range used by remoteservices.invisionpower.com. We successfully tried allowing one IP a couple of months ago but changing the setup every time the IP changes is not a long term solution.
Marc Posted August 23, 2022 Posted August 23, 2022 6 minutes ago, Rune Backman said: We successfully tried allowing one IP a couple of months ago but changing the setup every time the IP changes is not a long term solution. This is actually the reason you need to allow the domain name and not the IP associated with it. This can change at any point, and there is no guarentee of that being within a set range.
Rune Backman Posted August 23, 2022 Author Posted August 23, 2022 Thanks for the reply. Yeah, we figured that the IP is dynamically changing but the IP range should still be fixed. We'll look into how to allow that domain instead but unfortunately it seems way more complex to configure that in our current setup in AWS WAF compared to just allowing an IP range. Marc 1
Randy Calvert Posted August 23, 2022 Posted August 23, 2022 What I ended up doing was white listing all of AWS’s EC2 IP ranges (https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html). Its not unique to IPS, however it does reduce the potential attack surface by eliminating any non-AWS source. Marc 1
Recommended Posts