System Settings – IP Address Filtering

Capture

Notes

• By checking the [Enable IP Address Filtering] box the configuration fields are displayed
  • When the box is turned on, the IP Address Filtering settings will be as follows
    • All access to [Message Start Event] other than [Message Start Event (Form)] will be denied
    • All access to [Receive Task] other than [Received Task (Form)] will be denied
    • Except as noted above, access to the workflow platform is allowed from all IP addresses
  • Unchecking and saving the checkbox will clear the settings you have entered
• If you specify IP addresses in [Global Configuration], access from the IP addresses to your entire workflow plarform is allowed
• In [Message Start Event/Receive Task Configuration] section, you can specify specific events within an app or apps and set access permission
  • Access from within the same workflow platform is always permitted, regardless of the settings
  • Select from the drop-down menu and click the add_box button to add a sample path according to the selected menu to the [Path Prefix]
  • For A Specific App, replace (processModelInfoId) and for A Specific Node, replace (nodeNumber) with a number respectively
    • (ProcessModelInfoId) is replaced by the number following “m” of “App ID” on the application details screen
    • (nodeNumber) is replaced by the number before the event type name at the top of the settings screen for the task from the workflow diagram
  • The maximum limits for each setting are as follows
    • Number of Path Prefixes: 40
    • Number of characters in a Path Prefix: 100
  • Preferred over [Grobal Configuration]
    • Configurations with longer Path Prefixes take precedence over those with shorter Path Prefixes
• Details of the [Allowed Hosts/Networks] settings
  • Specify with global IP address(es)
  • IPv6 is not supported, use IPv4
  • IP address or CIDR notation is supported (e.g. 192.0.2.1, 203.0.113.0/24)
  • Multiple IP addresses can be specified by separating them with a space
    • Each address will be new-lined when saved
    • Maximum number of networks that can be set in [Global Configuration] or in a single Path Prefix: 100
  • If you want to allow access from all IP addresses, set [Allowed Hosts/Networks] to 0.0.0.0/0
  • If you want to deny access from all IP addresses, leave the [Allowed Hosts/Networks] empty
    • It is not possible to deny access from all IP addresses in the [Global Configuration]

See also

• M312: Filtering on Source IP Address
• M221: Auto Start Triggered by HTTP Request
• M226: Standing by HTTP Request
• Message Start Event (HTTP)
• Message Start Event (Webhook)
• Message Start Event (form)
• Receive Task (HTTP)
• Receive Task (Webhook)
• Receive Task (form)
• Starting a Process from Outside of Questetra BPM Suite (Preparatory Chapter)