Platform.sh is now Upsun. Click here to learn more
Upsun User Documentation

Configure HTTP access control

Back to home

On this page

Try Upsun for 15 days
After that, enjoy the same game-changing Upsun features for less with the First Project Incentive!¹ A monthly $19 perk!
Activate your 15-day trial
¹Terms and conditions apply

When developing your site, you might want to hide your preview environments from outside viewers. Or you may find you have performance issues from excessive bot access. You can control access with a username and password or by allowing/denying specific IP addresses or networks. This setting applies to the entire environment.

The settings for a specific environment are inherited by all of its children. So if you have a staging environment and you branch environments from it, all of the environments branched from it inherit the same authentication information.

Changing access control triggers a new deploy of the current environment. The changes don’t propagate to child environments until they’re redeployed manually.

Use a username and password Anchor to this heading

You can set up one or more combinations of a username and password. To add a username and password, follow these steps:

  • Select the project where you want to add login details.
  • From the Environment menu, select an environment.
  • Click Settings.
  • In the row with HTTP access control, click Edit .
  • Click + Add Login.
  • Enter the username (login) and password into the given fields.
  • Click Save.

Run the following command:

upsun environment:http-access -e ENVIRONMENT_NAME --auth USERNAME:PASSWORD

For example, to add the username name with the password 12321 to the test environment, run:

upsun environment:http-access -e test --auth name:12321

Filter IP addresses Anchor to this heading

Alternatively, you can control access to environments by allowing or denying specific IP addresses or ranges of IP addresses. The addresses should be in the CIDR format. Both4.5.6.7 and 4.5.6.0/8 are accepted formats.

Note that allow entries should come before deny entries in case they both match.

For example, the following configuration allows only the IP 198.51.100.0 to access your website.

198.51.100.0 allow
0.0.0.0/0 deny

To control access based on IP address, follow these steps:

  • Select the project where you want to control access.
  • From the Environment menu, select the environment to control.
  • Click Settings.
  • In the row with HTTP access control, click Edit .
  • Enter the IP addresses or ranges into the IP addresses field. Put one address or range per line, followed by a space and then allow or deny.
  • Click Save.

Run the following command:

upsun environment:http-access -e ENVIRONMENT_NAME --access allow:IPS_TO_ALLOW --access deny:IPS_TO_DENY