How to add Jetpack IPs to an allowlist

Allowing IP addresses in WordPress enables you to control who can (or cannot) access your website.

This article covers how to allowlist IPs for Jetpack, Jetpack Backup, and VaultPress, and shows our hosting requirements.

An allowlist is a list of IP addresses or domains that are given privileged access or treatment. It is the opposite of a blocklist, which is intended to block or restrict access. Some hosts may use a different term for the list of allowed IPs on their systems. If you have questions, contact your host's support for more information.

Allow all Communications Between Jetpack and WordPress.com

Some hosts and plugins believe that blocking access to xmlrpc.php will stop various hacking attempts. However, XML-RPC support has been built into WordPress core since version 3.5 and is a stable tool. Jetpack, like other plugins, services, and mobile apps, relies on the XML-RPC file to communicate with WordPress.com. If this is blocked, your Jetpack connection will stop working properly.

You should be able to protect a site’s XML-RPC file without having to allow specific IP ranges. The most popular hosts use tools like fail2ban or ModSecurity, for example.

If you’d prefer to use an allowlist, you’ll need to allow these IP ranges:

  • 122.248.245.244/32
  • 54.217.201.243/32
  • 54.232.116.4/32
  • 192.0.80.0/20
  • 192.0.96.0/20
  • 192.0.112.0/20
  • 195.234.108.0/22

Important: These IP addresses are subject to change. If you are writing IP-based firewall rules, you’ll need to update those rules any time the addresses change. We also have machine-readable versions of these IP ranges in JSON and plain text format that you can use to automate configuration changes on your systems.
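The automation described above, as an added example (not Jetpack's own code): it validates a range list before any rule is generated, so a malformed or overly broad entry never reaches the allowlist, and it reports what changed against the deployed set. The one-CIDR-per-line input format, the /16 floor and the nginx output are assumptions; the sample ranges are copied from the list above.

```python
import ipaddress

# Constructed sample: the ranges listed above, one CIDR per line (assumed format).
PUBLISHED = """\
122.248.245.244/32
54.217.201.243/32
54.232.116.4/32
192.0.80.0/20
192.0.96.0/20
192.0.112.0/20
195.234.108.0/22
"""
MIN_PREFIX = 16  # assumed local policy: never accept a range broader than /16


def parse_ranges(text, min_prefix=MIN_PREFIX):
    """Validate one IPv4 CIDR per line and return the collapsed, sorted list."""
    nets = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # tolerate comments and blank lines
        if not line:
            continue
        # strict=True rejects entries with host bits set, e.g. 192.0.80.1/20
        net = ipaddress.IPv4Network(line, strict=True)
        if net.prefixlen < min_prefix:
            raise ValueError(f"line {lineno}: {net} is broader than /{min_prefix}")
        nets.append(net)
    return list(ipaddress.collapse_addresses(nets))


def diff_ranges(deployed, published):
    """Return (to_add, to_remove) so a rule change can be reviewed before rollout."""
    d, p = set(deployed), set(published)
    return sorted(p - d), sorted(d - p)


def is_allowed(ip, nets):
    """True if the address falls inside any allowed range."""
    addr = ipaddress.IPv4Address(ip)
    return any(addr in net for net in nets)


def nginx_rules(nets):
    """Render allow/deny lines for an nginx location block guarding xmlrpc.php."""
    return "\n".join([f"allow {n};" for n in nets] + ["deny all;"])


if __name__ == "__main__":
    print(nginx_rules(parse_ranges(PUBLISHED)))
```

Run both the deployed list and the freshly fetched list through `parse_ranges` before calling `diff_ranges`, so the comparison is made on the same collapsed form.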

Using Jetpack with Cloudflare and/or Sucuri

By default, Cloudflare and Jetpack should require no additional configuration to operate together if there are no additional security configurations specified with Cloudflare.

If you are using Cloudflare (with additional security rules) or Sucuri, these are the ranges they accept:

If you are using Cloudflare, it also supports allowing traffic only from servers with a specific ASN (autonomous system number). To configure that, allow access to ASN 2635.

Jetpack Backup / VaultPress

The entire IP range from 192.0.64.1 ~ 192.0.127.254 needs to be added to the allowlist.

  • CIDR Notation: 192.0.64.0/18
  • GoDaddy Firewall & Sucuri use CIDR Notation.
  • Wordfence: 192.0.[64-127].[1-254]

Hosting Requirements

Generally, Jetpack works with any server that meets the requirements for WordPress itself, but some specific functionality is used more in Jetpack than WordPress itself.

  • XML: The Jetpack connection and various features use PHP’s XML manipulation libraries. While this is part of PHP by default, it can be built without it, and increasingly, we’re seeing some server environments needing a specific package installed.
    • Please install PHP’s XML module if you see an error message related to PHP XML functionality. Depending on your operating system, this can be done with a package manager: sudo apt-get install php-xml or sudo apt-get install php7.0-xml, sudo yum -y install php-xml or by building PHP without the --disable-xml flag.
    • If you are not comfortable doing this yourself, please ask your hosting support to install it for you.
  • Ability to perform outbound HTTPS requests to jetpack.wordpress.com and dashboard.jetpack.com.

Find more information that can be useful to server administrators and hosting providers on our Hosting Reference Documentation page.
