Network Features: Traffic - Part 1 of 3.
What are web traffic filters?
The web traffic filters allow you to black and white-list traffic based on source IP and/or country of origin.
How do traffic filters work?
By default, all web traffic is allowed to visit your servers on your desired ports.
- For Rails applications this is
- For Maestro applications these ports are extracted from your exposed service configurations.
Traffic filters allow you to set rules for access via these ports.
Web traffic can be allowed or blocked from specific source IPs or a list of IPs dynamically fetched from a source. For example, you can allow traffic only from a single IP address (e.g. your home router), by adding your home IP address to the traffic filters allow list.
Some lists of IPs are dynamic - for example the list of a CDN's endpoints. Traffic filters can call a URL as a source. Your application will fetch the complete list of IPs from that URL. Paste in the URL in the appropriate field under Traffic Filtering, and you are ready to go.
Load balancer traffic enforcement:
Additionally, you can configure your application to only allow web traffic via your load balancers. This is handy for hardening your other servers against intrusions. However, you may still want your own team to be able to query your other servers directly via the web. To allow this, you can specify a set of IP addresses that are exceptions to this rule.
- Link to docs: Traffic Filters