1. Home
  2. Docs
  3. CDN
  4. Setup
  5. Adding QUIC.cloud IPs to Allowlist

Adding QUIC.cloud IPs to Allowlist

The IP addresses used by QUIC.cloud services may potentially be blocked by various firewalls either outright or when making a frequent amount of requests. This is especially a problem when they are blocked by the origin server, since QUIC.cloud CDN acts as a proxy service for your domain, and requires access for uncached requests.

To ensure QUIC.cloud is not blocked by the origin server, it’s ideal that the QUIC.cloud IPs be added to an ignore-list or allowlist. Please note that this IP list may be changed on a weekly basis as nodes are added or removed when optimizing global performance for you so contact your hosting support or server admin and refer to this page if you don’t have access to change it yourself.

LiteSpeed Web Server

Starting with 5.4.12 and later, LiteSpeed Web Server will automatically update the QUIC.cloud IPs for you.  If using a different version, we recommend that you add the IPs as “Trusted” in your LiteSpeed WebAdmin Console. Navigate to Configuration > Server > Security, scroll down to Access Control, and add the IPs to the Allowed List. The letter T added after the IP (no space) indicates that it is Trusted. So, your list would look something like this:


If your server is using Imunify360, BitNinja, or a web application firewall, you should allow the IPs in these places as well.


With Imunify360, the QUIC.cloud IPs are automatically included on the allowlist, and you don’t have to worry about anything. To verify, you can find the IPs located in /etc/imunify360-webshield/common-proxies.conf and /etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-litespeed/rbl_whitelist.

The latter path may vary depending on the web server and control panel used.


BitNinja maintains a list of allowed IPs, but we recommend you verify that this is actually true for your server. If necessary, you can manually allow the QUIC.cloud IPs in Bitninja.

Config Server Firewall (or) CSF

If CSF is your primary firewall, you can add our IPs to the csf.ignore file in the lfd- Login Failure Daemon section within the CSF Dashboard (accessible from the Plugins section in WHM/Plesk).

Alternatively, you can add the list directly to the /etc/csf/csf.ignore file, and restart CSF to allow the changes to take effect.


You can schedule a script with cron to automatically update other server-level firewalls on a daily or at least bi-weekly basis since is too often to be done by hand. We’d rather you let us know if there’s another server-level firewall that we could help with automating the allowlist updates for but if you rather do it yourself then can use:

If your server is not using any server-level firewall, or the IP’s are allowlisted already, be sure to check any application level firewall that may be in use (such as Wordfence for WordPress). It should include a similar allowlist function.

Status Updates

To keep up on the latest node, IP and other service-related changes:

Tags ,
Was this article helpful to you? Yes 48 No 24

How can we help?