After you set up Barracuda WAF-as-a-Service for one or more of your applications, ensure that users cannot access your application server directly, without going through Barracuda WAF-as-a-Service.
For accounts created on or after November 5, 2019
Barracuda WAF-as-a-Service provides the IP ranges you need to accept.
To locate the IP ranges:
- Log into Barracuda WAF-as-a-Service and navigate to Applications.
- Click the application name.
- In the left panel, select Endpoints.
- On the Endpoints page, locate the IP Ranges to Allow section. Click Show IPs, then copy the IP ranges listed.
- Configure your application server to accept traffic only from those IP ranges.
For accounts created before November 5, 2019
Configure your application server to accept traffic only from the following Barracuda IP ranges.
64.113.48.0/20
34.228.125.58/32
51.103.8.8/31
52.142.154.84/31
Configuring your Application Server
Consult your application server documentation for specific instructions on this process. Here are links to some application server documentation sets.
- Apache HTTP Server documentation
- Nginx Web Server documentation
- Unix and Linux Iptables