Header

What IP addresses should I allow through my firewall?

You should allow the following IP ranges:

  • 185.22.208.0/25 (185.22.208.0 - 185.22.208.127)
  • 185.22.211.0/24 (185.22.211.0 - 185.22.211.255)
  • 2a00:67a0:a:1::/64
  • 2a03:2800:0300::/64

For deployments to work correctly you should also ensure that the correct ports are open on your firewall. These vary by protocol:

  • Passive FTP - ports 20, 21 and all ports higher than 1023
  • Active FTP - port 21
  • SSH/SFTP - port 22

These IP ranges are used to host all of our applications, including DeployHQ. You can find out more information about our network on our main website.

How to allow our IP ranges access via commonly used firewalls

Ubuntu - ufw

The default firewall configuration tool for Ubuntu is ufw and if you're running a dedicated Linux server, you should have access to it.

To allow an IP range through ufw, enter the following into your terminal:

$ sudo ufw allow from 185.22.211.0/24

And if you wish to restrict connections from a range to a specific TCP network port:

$ sudo ufw allow from 185.22.211.0/24 to any port 22 proto tcp

You can read more about ufw here.

CentOS - firewalld

With CentOS, you can use firewalld which works in a very similar way. to Ubuntu's ufw. To whitelist an IP range, run the following command in your terminal:

$ sudo firewall-cmd --zone=public --add-source=185.22.211.0/24

You can find more information about firewalld here