IP Address Restriction
To prevent unauthorized Dashboard access, we have included two IP Address Restriction options:
Select and configure IP Address Restrictions
To configure these settings, log in to the Dashboard using an account with General permissions and go to:
- Go to Settings > General Settings > Security
- In the IP Address Restriction section
- Choose Auto-detect new IP addresses during login and approve with email verification or Restrict Dashboard access by IP address
- Opt to Allow use of remote access features with IP address verification
- OK to save and apply
If a user attempts to access the Dashboard from a new unknown IP address, a verification email is sent to their username (email address) requiring validation of their username before they can log in. Please note that from Dashboard 6.41.2 the expiration period for the emailed authentication link was increased from 20 minutes to 2 hours.
Once verified, this IP addresss range is automatically added to our approved list and any users accessing the Dashboard from this authorized range will not go through the email verification process.
For example, if someone attempts to log in from the new IP address 126.96.36.199 they will receive the verification email. Once approved we automatically add the range 188.8.131.52/24 covering 184.108.40.206 through 220.127.116.11 to our list. If a login request then comes in from 18.104.22.168, the user can log directly into the Dashboard without verifying this specific address.
Please be aware that the verification link included in this email expires after 20 minutes. Where the link has expired, it is necessary to repeat the Dashboard login process to generate a new verification email and link.
Please note that where Two-Factor Authentication (2FA) is enabled for the user, the IP address verification step will take place before the 2FA security code prompt.
If the user has logged in to the Dashboard from a new IP address to setup 2FA, then the IP address is automatically added to the approved list as part of the verification process for 2FA.
From Dashboard 6.41.2, we have included the option to Disable IP Verification at the user level where the user has 2FA enabled. This allows the user to access the Dashboard from a new IP address without going through the IP address verification process.
This is configured from:
- Go to Settings > Users > User Accounts
- Select the target 2FA enabled user and from the right-click menu (or User drop-down)
- Choose Disable IP Verification
Where IP verification is disabled, this menu allows you to Enable IP Verification.
Important:as this security feature requires the user to verify their username (email address) please ensure that all usernames in the system are active and valid email addresses.
Prevents Dashboard access from IP addresses not on the Approved IP Addresses whitelist.
From Dashboard 6.52.3, each IP address in the Approved IP Addresses dialog includes when it was added to the list, the time and date it was last accessed along with the login username.
This allows you to quickly identify IP address usage and take any required action, for example remove IP addresses that were not used in the last 6 months.
Please note, the Last Access date and time usage information is only available where Dashboard access took place from February 2018 onwards.
Approve IP Addresses
- Click Add to insert an Approved IP Address
- Enter the IP Address then Subnet Mask from the drop-down
- Click Add to apply
- Repeat as necessary to whitelist multiple IP addresses
- Click OK to save and apply
Please remember to include your current IP addressor you will be unable to login to the Dashboard
Delete IP Addresses
- Highlight the target IP address in the Approved IP Address list
- Select Remove
- Click OK to save and apply
Once all required IP Addresses are added toggle Restrict dashboard login by IP address: in Dashboard Security to enable then OK to apply.
lease note that any changes to the IP Address Restriction settings are recorded in the User Audit Report available under Reports on your Dashboard.
A new network address will be added to your approved IP addresses list pending email verification
IP address address added to approved IP addresses
IP address address removed from approved IP addresses
Allow use of remote access features with IP address verification
Where the user accesses the Dashboard from a verified IP address and Two-Factor Authentication is enabled for at the account or user level, this option allows the user to establish a remote session from the Dashboard (using Take Control or Remote Background Management) without additional security code authentication.