I need to reach my vendor partner API that is hosted on AWS. They use ACLs, WAF etc to allow IP address range in CIDR format. I get different set of addresses of my domain that is hosted on secondmedic. One set of IP addresses that are shown by the dig utility , nslookup or the A record of the DNS entry for my domain. I get a second set of addresses when I check with a tool like “find-ip-address-of-my-website” . Which of these addresses should I give to my partner for whitelisting ?
Your website will make outbound requests on whatever public IP you host has given you.
The Cloudflare IPs from https://www.cloudflare.com/ips/ are the ones used for inbound requests to your website from Cloudflare.
The IP list in this URL is way too much for my partner to whitelist. If indeed this is the superset, its notable that A record from DNS is out side of this.
Like I said, those are for inbound.
If your server is making outbound connections to somewhere else then Cloudflare’s IPs aren’t relevant.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.