GlossaryNetworkingBeginner

IP Whitelisting

IP whitelisting is a security method that only lets pre-approved IP addresses connect to a service, blocking everyone else by default.

Last updated June 8, 2026

Definition

IP whitelisting (also called IP allowlisting) is an access-control technique where a service accepts connections only from a defined list of trusted IP addresses. Any request coming from an address that is not on the list is automatically rejected.

How it works

An administrator registers one or more source IP addresses, or sometimes whole CIDR ranges, in a dashboard or firewall rule. When a connection arrives, the server checks the source IP against the approved list and only proceeds if there is a match. This is the opposite of a blacklist, which blocks specific bad actors but allows everyone else.

Why it matters for proxies and scraping

Proxy providers commonly offer IP whitelisting as an alternative to username/password authentication. It is convenient because you never expose credentials, but it requires a stable, predictable source IP. Scrapers running on rotating cloud instances often struggle with whitelisting because their server IP changes, breaking access until the new IP is re-added.

  • Restrict API or proxy access to known servers
  • Avoid leaking login credentials
  • Add a strong perimeter layer for sensitive systems

Examples

1

Allowing only 203.0.113.0/24 to reach a database

2

Whitelisting a static office IP for proxy access

3

Cloud firewall rule permitting one EC2 elastic IP

Common Use Cases

Authenticating to a proxy without passwords
Locking down admin panels and APIs
Securing database access to known hosts
Restricting SSH to trusted networks

Frequently Asked Questions

It removes credential-leak risk but is not foolproof. Attackers can spoof IPs in some scenarios, so whitelisting is best combined with encryption and other controls.
Cloud instances often get a new IP each time they restart or scale. Since the new IP is not on the approved list, access fails until you re-register it or use a static/elastic IP.

Keep Learning

All terms

Residential Proxy

A residential proxy routes your traffic through a real device with an IP assigned by an Internet Service Provider, so requests appear to come from a genuine home user rather than a server.

Read definition

HTTP Proxy

An HTTP proxy is an intermediary server that forwards web (HTTP/HTTPS) requests on your behalf, able to read, cache and filter traffic at the application layer.

Read definition

Forward Proxy

A forward proxy sits between clients and the internet, forwarding their outbound requests so the destination sees the proxy's IP instead of the client's.

Read definition

Rate Limiting

Rate limiting restricts how many requests a client can make in a given time, and it is one of the most common defenses scrapers must work around.

Read definition
Back to Glossary