Global Whitelist

Global whitelist enhances security of your admin account by restricting login from the IP addresses that are not on the list. It is also applied when using the Login as option for an admin to log in as another user.

The whitelists of your end users will not be affected by the global whitelist.

Configure global whitelist

To configure global whitelist:

Go to /onapp/interface/config/on_app.yml
Specify the IP addresses or CIDR for the global_white_list_ips parameter in the on_app.yml file.
Example:
```
global_white_list_ips:

- 127.0.0.1

- 122.105.78.0/26
```
After modifying the on_app.yml file, restart the httpd service:
```
# service httpd restart
```

Once the OnApp service is restarted, global whitelist is configured for your account.

See also: