For additional security and preventing un-authorized IP addresses from accessing Piwik dashboards, you can configure a set of white-listed (allowed) IP addresses.

IP addresses can be whitelisted by adding them under your [General] section in config/config.ini.php:

login_whitelist_ip[] = 204.93.240.1
login_whitelist_ip[] = 204.93.240.*
login_whitelist_ip[] = 204.93.177.0/24
login_whitelist_ip[] = 2001:db8::/48

When configured, only users from a configured IP address can log into your Piwik. You can define one or multiple ; IPv4, IPv6, and IP ranges.

By default, if a whitelisted IP address is specified via login_whitelist_ip[] then both the reporting user interface as well as HTTP Reporting API requests will only work for these whitelisted IPs. But in some cases you need to allow all IP addresses access to your Piwik HTTP Reporting API endpoint. To allow all IP addresses to access the Piwik Reporting API, set in your config file under [General]:

login_whitelist_apply_to_reporting_api_requests = 0

When whitelisted IP addresses are configured and you try to access Piwik but your IP is not white-listed, you will see an error like this: “You cannot use this Piwik as your IP 1.2.3.4 is not whitelisted”.

See also: How do I exclude traffic from an IP or a range of IP addresses?

Any questions?

Many answers and more information about Piwik You can find here:

We are social

Follow us: