If you have a firewall or other traffic throttling system on your origin server, please whitelist our edge server IP’s. Please Visit this page to obtain IP’s of the CDN edge servers you are provisioned on.

The majority of Linux/Unix servers use software firewalls, such as IPTables and PF. Firewalls can be set up to throttle traffic coming to the web server. This could potentially block one or more of the CDN network subnets (edge servers), subsequently preventing the CDN from pulling your content from the origin and caching it. The error we most often see when an origin server is blocking our CDN, is a 502 Bad Gateway Error

Whitelisting IPs in IPTables

Important Warning

If you are not very comfortable with the Linux and IPTables command line, please contact your hosting company and/or your server administrator. You need to be very careful when working with IPTables because mistakes can affect the ability for your server to correctly operate online and could even lock you out of the server! It is always recommended to do IPTable sconfiguration when directly logged in to your server via KVM/IP or IPMI (meaning a physical-based connection versus over the Internet).

In order to whitelist the MaxCDN Subnets in your IPTables firewall, please login to your server as root. If you are a superuser, please append sudo to the commands shown below.

  1. CentOS/RHEL

    • When logged in as root, or the superuser (as mentioned above), type the following command in your console window:

      iptables -I INPUT -s SUBNET_HERE -p tcp -m multiport --dports 80,443 -j ACCEPT
    • Repeat this line for each of the Subnets found on IP Blocks page, when done, run:

      /etc/init.d/iptables save
  2. CentOS/RHEL using CSF Firewall

    • Open or create this file: /etc/csf/csfpost.sh
    • Insert this line for each subnet provided by the MaxCDN Support Staff:

      iptables -I INPUT -s SUBNET_HERE -p tcp -m multiport --dports 80,443 -j ACCEPT
    • When you are done, save and close the file, then run:

      csf -r
  3. Debian/Ubuntu

    • When logged in as root, or the superuser (as mentioned above), type the following command in your console window:

      iptables -I INPUT -s SUBNET_HERE -p tcp -m multiport --dports 80,443 -j ACCEPT
    • Repeat this line for each of the subnets provided by MaxCDN Support Staff and then when done, run:

      iptables-save > /etc/firewall.conf

      You can choose any name and destination you like, however something easily identifiable like /etc/firewall.conf is recommended.

    • Finally, run each of these commands to setup your server to restore the IPTables configuration after reboot:

      echo "#!/bin/sh" > /etc/network/if-up.d/iptables 
      echo "iptables-restore < /etc/firewall.conf" >> /etc/network/if-up.d/iptables 
      chmod +x /etc/network/if-up.d/iptables 

Important Note

You need to replace SUBNET_HERE with the actual subnet found on IP Blocks page. The subnets will look like this:
10.0.0.1/20
192.168.2.50/8
172.164.2.8/16
etc…