Did you know that it’s possible to create an IP Allowlist for a Cloud Page? With a little bit of SSJS (and in this example a bit of AMPscript) you can add a little layer of security to your Cloud Pages. So, whether it's because it's a work in progress or they are for internal use only - it's a nifty little trick to keep up your sleeve!
NB: We do not recommend that you use this method in place of best security practices. Do not expose any functionality that in any way creates a security vulnerability or confidential information of any kind using this technique. Use of this technique is under the explicit understanding that an IP Allowlist is not a fully secure method to store or share information.
An IP Allowlisting process is made up of 2 components:
Create your Data Extension, with a 32 character text field (This gives you enough characters for IPv6 Allowlisting). In this instance, the script is looking at a Data Extension called IPAllowlist with the field allowableIP.
Add your IP address(es) to the Allowlist DE created above. If you don’t know your IP address, there’s plenty of websites that will advise you on what your IP address is. Even Google will return an IP address if you just search “What is my IP”. Would recommend including IPv4 and IPv6 just in case.
Open up your cloud page and add the below script to the top of your cloud page, either in a HTML Block or after the if you’re building your page in pure code.
This could all be done in SSJS, but it’s a short and sweet example of using Variable.SetValue to pass an attribute between SSJS and AMPscript if you ever need to do that!
Put your content in the body of your Cloudpage
Add this piece of AMPscript to the bottom of the page:
%%[ Else ]%% <div> Access Denied </div> %%[ ENDIF ]%%
Publish your Cloud Page & test it out. Try connecting on your phone or just removing your IP address from the Allowlist Data Extension to prove that you get the Access Denied message pop up.
You’ve implemented an Allowlist on your Cloudpage.