IP Whitelisting
IP Whitelisting Configuration in fixicch2
IP whitelisting is a security mechanism that restricts which IP addresses are allowed to request configuration from fixicch2 . Specifically, it governs access to the /servers/** endpoints, which are used by FIXEdge/FIXEdge Java to retrieve configuration data.
The feature is controlled by the fixicch2.whitelistingEnabled property in local.app.properties file. By default, this property is set to false, meaning IP whitelisting is disabled and all requests are allowed.
Enabling and Managing IP Whitelisting
To configure IP whitelisting in FIXICC H2 interface:
Navigate to Administration → Entity Inspector from the left-side menu.
In the Entity Type field, enter
WhitelistingEntry.A table of existing whitelisting entries will be displayed.
Adding a New Whitelist Entry
To add a new entry:
Click Add to open the Whitelisting Entry editor.
The following fields are available:
Entry Type (required): Defines the format of the IP entry.
First Parameter (required): The IP address or starting range.
Second Parameter (optional): Used only for the
Rangeentry type to specify the end of the range.Server Name (optional): If omitted, the entry applies to all server names.
Supported Entry Types
Single: A specific IP address
Example:10.68.121.15Mask: A subnet in CIDR notation
Example:192.168.2.0/24Range: A range of IP addresses
Example:192.220.3.0to192.255.0.0
Whitelisting Behavior
When fixicch2.whitelistingEnabled is set to true, the system enforces IP whitelisting for all requests to /servers/** endpoints.
If the request originates from an IP address listed in the whitelist, it will be processed normally.
If the IP is not whitelisted, the system will respond with HTTP status code 405 (Method Not Allowed), and the configuration will not be sent.
If whitelisting is disabled, all requests are processed without restriction.