Only Allow Connections Via Trusted Proxies

If you wish to secure your project by forcing all traffic to come via your proxy service, then you can do so by enabling the "Only Allow Connections Via Trusted Proxies" setting.

This will allow requests from the IPs of the following services:

  • Cloudflare
  • CloudFront
  • Fastly
  • Akamai
  • Imperva

403 Forbidden responses will be returned to any request that isn't proxied via one of these trusted proxies. An indirect consequence of this means that the project's vanity domains (i.e. your project's * subdomains) will stop working and return 403 responses.

Note: the "Only Allow Connections Via Trusted Proxies" setting will take precedence over any IP whitelisting or blacklisting that is set up.

Steps to enable #

To prevent traffic from non-trusted sources, perform the following steps:

  1. Visit your project's Access Control page.

  2. Scroll down to the "Only Allow Connections Via Trusted Proxies" section.

  3. Flip the switch to enable the setting.

  4. Sync the project to deploy the change.