How to use IP Whitelisting and IP Restrictions for Hosted sites in JCA (copy)

Version 2

    IP Restrictions

    Jive Cloud Admin (JCA) allows Jive Hosted customers to set various IP restriction rules for their Jive site.

     

    IP restrictions can be used to either allow only certain IP addresses access to your site (Whitelisting), or to block access for only specific IP addresses (Backlisting).

    • Whitelist: Allow access for only the whitelisted IP addresses, and block all others (i.e. Allow only specific good things)
    • Blacklist: Block access for the backlisted IP addresses, and allow all others (i.e. Block specific bad things)

     

    When do I use Whitelisting or Blacklisting?

    Whitelisting is a useful tool for allowing only a specific subset of known people to use your Jive instance. This is most often used for companies that are using Jive internally and only want their employees to access the site while they are on the company network.

     

    Blacklisting may be useful when you need to block certain groups of people from accessing your site. For example, you may use this to block spammers and bots.

     

    What will people see if they are blocked?

    People who are not allowed to access your site, either because they are on your blacklist or are not in the whitelist, will be unable to load your site and will see a Forbidden error message.

    Screen Shot 2017-01-24 at 10.47.17 AM.png

     

     

    Where do I set IP Restrictions?

     

    IP Restrictions can be set for Hosted sites in Jive Cloud Admin (JCA) at https://cloud.jivesoftware.com/admin

     

    You will see "IP Restrictions" listed in your JCA Portal for your hosted site.

    If you do not have access to JCA then file a new support case in your MyJive group for help.

    IP Restrictions is only available for Hosted sites. The IP Restrictions tool is not available for Cloud or On-Premise Jive instances.

     

    Screen Shot 2017-01-18 at 11.43.02 AM.png

     

    How do I configure IP Restrictions?

    IP Restrictions can be set for the entire site, or for only the admin console (jiveURL/admin).

     

    Sites cannot have both whitelisting and blacklisting enabled at the same time. The list of IP addresses you've entered will either all be whitelisted addresses or all blacklisted addresses.

     

    You can add IP restrictions in 3 different ways:

    1. A single new IP restriction
    2. Add multiple new IP restrictions with a text file list
    3. Replace all IP restrictions with a text file list

     

    The text file must have each CIDR Notation entry on a new line in a plain text file.

    Changes are immediate and do not require a system restart!

     

    CIDR Notation - IP Restriction format

    You must use CIDR notation when inputting your IP addresses when configuring an IP restriction rule.

     

    CIDR, or Classless Inter-Domain Routing, notation is a compact way of representing one or many unique IP addresses by using the first address of a network and the number of significant bits in its associated subnet mask. Additions to your installation's whitelist must be in IPv4 format.

     

    IPv4

    IPv4 address ranges can use a maximum of 32 significant bits.

    For example, a single address can be represented as 192.168.100.0/32, while 192.168.100.0/23 represents the block of IPv4 addresses from 192.168.100.0 to 192.168.101.255.

     

    Examples

    Below are some examples of how to list IP addresses and IP address ranges in CIDR format

     

    Non-CIDRCIDR

    SINGLE IP [IPv4]

     

    168.215.186.2

     

     

    168.215.186.2/32

    ADDRESS RANGE [IPv4]

     

    128.1.0.1 to 136.255.255.254

    128.1.0.1/32
    128.1.0.2/31
    128.1.0.4/30
    128.1.0.8/29
    128.1.0.16/28
    .

    .

    .
    [Lots of addresses, condensed]
    .

    .

    .
    136.255.254.240/29
    136.255.254.248/30
    136.255.254.252/31
    136.255.254.254/32

     

    I've changed our IP restriction rules and now my site doesn't load!

    When you log into JCA and review your IP Restrictions configuration you will see a list of currently active IP restrictions. You most likely accidentally added your own IP address to the list of blacklisted addresses, or you've accidentally removed your IP address from the whitelist.

     

    You can quickly sort and delete entries from the table by clicking the table headers and then clicking the row that is the culprit.

     

    Also be careful not to add private network IP addresses to your list of IP restrictions.

     

    If you are unable to locate the IP restriction that is causing the issue then please file a new case with Jive Support in your MyJive group. Jive may need to temporarily disable all IP restrictions to troubleshoot the issue.

     

    Mobile is no longer working for people after putting my whitelisting IP restrictions

    Jive's mobile apps may no longer work if you set whitelisting rules and you have users who are connecting to your Jive instance from outside of your network and instead are using a cellular network. If you are using whitelisting rules then please ensure that all of your mobile users are first connected to your WiFi network before using Jive.

     

     

    I don't see the option for setting IP restrictions in Jive Cloud Admin

    This tool is only available for Jive Hosted sites. If you have a Jive Cloud or On-Premise instance then you will not see this feature.