Control who can (or cannot) access your website by allowing IP addresses in WordPress.
Make sure Jetpack can access your site so that we can run backups, security scans, and restore it back to a previous version.
Allow all communications between Jetpack and WordPress.com
If you want to ensure Jetpack can communicate with your site, or if you have been advised to allowlist our IPs by support, please allow these IP ranges:
- 122.248.245.244/32
- 54.217.201.243/32
- 54.232.116.4/32
- 192.0.80.0/20
- 192.0.96.0/20
- 192.0.112.0/20
- 195.234.108.0/22
- 192.0.64.0/18
Important: These IP addresses are subject to change. If you are writing IP-based firewall rules, you’ll need to update those rules any time the addresses change. We also have machine-readable versions of these IP ranges in JSON and plain text format that you can use to automate configuration changes on your systems.
A note about xmlrpc access
Some hosts and plugins believe that blocking access to xmlrpc.php will stop various hacking attempts. However, XML-RPC support has been built into WordPress core since version 3.5 and is a stable tool. Jetpack, like other plugins, services, and mobile apps, relies on the XML-RPC file to communicate with WordPress.com. If this is blocked, your Jetpack connection will stop working properly. You can read more about how Jetpack uses xmlrpc.php.
You should be able to protect a site’s XML-RPC file without having to allow specific IP ranges. The most popular hosts use tools like fail2ban or ModSecurity, for example.
Use Jetpack with Cloudflare (no additional security rules)
By default, Cloudflare and Jetpack should require no additional configuration to operate together if there are no additional security configurations specified with Cloudflare.
Use Jetpack with Cloudflare (additional security rules) and Sucuri
If you are using Cloudflare (with additional security rules) or Sucuri, please manually add Jetpack’s IPs:
192.0.64.0/24192.0.65.0/24192.0.66.0/24192.0.67.0/24192.0.68.0/24192.0.69.0/24192.0.70.0/24192.0.71.0/24192.0.72.0/24192.0.73.0/24192.0.74.0/24192.0.75.0/24192.0.76.0/24192.0.77.0/24192.0.78.0/24192.0.79.0/24192.0.80.0/24192.0.81.0/24192.0.82.0/24192.0.83.0/24192.0.84.0/24192.0.85.0/24192.0.86.0/24192.0.87.0/24192.0.88.0/24192.0.89.0/24192.0.90.0/24192.0.91.0/24192.0.92.0/24192.0.93.0/24192.0.94.0/24192.0.95.0/24192.0.96.0/24192.0.97.0/24192.0.98.0/24192.0.99.0/24192.0.100.0/24192.0.101.0/24192.0.102.0/24192.0.103.0/24192.0.104.0/24192.0.105.0/24192.0.106.0/24192.0.107.0/24192.0.108.0/24192.0.109.0/24192.0.110.0/24192.0.111.0/24192.0.112.0/24192.0.113.0/24192.0.114.0/24192.0.115.0/24192.0.116.0/24192.0.117.0/24192.0.118.0/24192.0.119.0/24192.0.120.0/24192.0.121.0/24192.0.122.0/24192.0.123.0/24192.0.124.0/24192.0.125.0/24192.0.126.0/24192.0.127.0/24
If you are using Cloudflare they also support only allowing traffic coming from servers with a specific ASN (autonomous system number). To configure that, you can allow access to 2635.
Jetpack VaultPress Backup service / Older VaultPress
The entire IP range from 192.0.64.1 ~ 192.0.127.254 needs to be added to the allowlist.
- CIDR Notation:
192.0.64.0/18 - GoDaddy Firewall & Sucuri use CIDR Notation.
- Wordfence:
192.0.[64-127].[1-254]
Find more information that can be useful to server administrators and hosting providers on our Hosting Reference Documentation page.
Still need help?
Please contact support directly. We’re happy to advise.
Jetpack 