Learn how to secure your OVHcloud account by limiting the IP addresses authorized to access it.
OVHcloud provides you with options to enhance the security of your OVHcloud Control Panel and your services.
You can restrict access to your OVHcloud Control Panel to certain IP addresses. By setting this option and securing your account with two-factor authentication, you can optimally secure your OVHcloud Control Panel against intrusion attempts.
Requirements
- access to the OVHcloud Control Panel
- knowledge of the password management recommendations for accessing your account
Instructions
Step 1 - Retrieve public IP addresses authorized to access your OVHcloud Control Panel
There are two types of IP addresses:
- Public IP addresses: They are visible throughout the Internet. For example, they are used by your Internet access point/box to provide access to public networks (Internet).
- Private IP addresses: They are not visible on the Internet and can only be allocated in a local network. For example, your Internet box will assign a private IP address to each of the devices (computers, smartphones, tablets, etc.) connected to it. Your Internet access point/box allows these devices to use the public IP address to access the Internet. Private IP addresses are easy to recognize because they usually start with 10.X.X.X, 172.16.X.X, or 192.168.X.X (where X stands for a value between 0 and 255).
To use the IP restriction option in the OVHcloud Control Panel, you will need to enter your public IP address(es) only.
To retrieve the public IP address of a device that will be authorized to access your OVHcloud Control Panel, go to whatismyip.com (not managed by OVHcloud).
Take note of the IP address that appears, then repeat the operation for each device that will be authorized to access your OVHcloud Control Panel.
If you are using a 4G/5G network as an addition, remember to also retrieve the IP address of this network.
For a 3G/4G/5G connection, IP addresses are systematically dynamic.
Before setting up an IP restriction on your OVHcloud Control Panel, check with your ISP to make sure that the IP addresses retrieved previously are static. Otherwise, you risk losing access to your OVHcloud Control Panel by declaring a dynamic IP.
Step 2 - Set up access restriction by IP
Log in to your OVHcloud Control Panel. Click on your Enable and initials in the top right corner.
When the My account page loads, click on the Security tab. Then click Enable to the right of IP access restriction.
Interface Overview
There are two sections for setting IP restrictions:
-
Default rule. Use this field to:
- Deny access to all IP addresses except those previously declared as authorised in the second section Configured IPs.
- Allow access to all IP addresses except those previously declared as denied in the second section Configured IPs.
Check the Alert box if you want to be notified on your contact email address whenever an unauthorized login attempt was made to access your Control Panel.
-
Configured IPs. Use this field to declare IP addresses that will be denied or authorised. You can also view the rules you have set up beforehand.
In the Default rule section, never validate the default rule in
Denied status without first authorizing at least one of your public IP addresses in the Configured IPs section.Otherwise, you will block all public IPs (including yours) without any exceptions. Any login requests to your OVHcloud Control Panel will be denied, and you will need to carry out an administrative procedure to unblock your access.
Be extremely vigilant on this point.
Deny all IP addresses except legitimate addresses
To authorize access to the OVHcloud Control Panel only for one or more legitimate IP addresses, click the Add a restriction button.
The IP 192.0.2.0 used in the following screenshots needs to be replaced with one of your own IP addresses.
In the window that pops up, enter the public IP address want to authorize into the IP field. Check the Alert box if you want to be notified by email of connection attempts via this IP address then leave the Rule in the Authorised status.
Click Next.
Check your IP address and rule before clicking Confirm.
The rule should then appear in the Configured IPs section.
Once you have set all of your public IP addresses in the Configured IPs section, switch the rule to the Denied status in the Default rule section. Select the Alert check box if you want to receive email notification of login attempts, then click Save changes.
From now on, only public IP addresses previously authorized in the
Configured IPssection can access your OVHcloud Control Panel.
Authorize all IP addresses except some addresses
With the IP access restriction option, you can also authorize all IP addresses to access your OVHcloud Control Panel, except for a few that you have previously identified as illegitimate.
To block access to your OVHcloud Control Panel for one or more IP addresses, click on the Add a restriction button in the Configured IPs section.
In the window that pops up, enter the public IP address you want to block in the IP field. Check the Alert box if you want to be notified by email of connection attempts via this IP address, then change the Rule to Denied.
Click Next.
Check the IP address and rule before clicking Confirm.
The rule should then appear in the Configured IPs section.
Once you have entered all of the public IP addresses in the Configured IPs section, switch the rule to the Authorised status in the Default rule section. Select the Alert check box if you want to be notified by email of connection attempts, then click Save changes.
From now on, all public IP addresses can access your OVHcloud Control Panel, except those declared in the Configured IPs section.
Go further
For more information and tutorials, please see our other My Account support guides or explore the guides for other OVHcloud products and services.