Additionally, it's worth mentioning that if you're using a service that lives behind a firewall that requires incoming requests to authenticate by IP, you can try the new Proximo add-on (https://devcenter.heroku.com/articles/proximo) that's available in beta.
This elegantly solves the problem of needing to have a static IP for outbound requests from your application, and allows your corporate security folks to authenticate inbound traffic from your specific source IP. It does not give the you a static IP for inbound HTTP requests going TO your Heroku app, but I would honestly be in total disbelief if that turned out to be an issue. -- Morten Bagai Heroku On Monday, August 6, 2012 at 9:54 PM, Oren Teich wrote: > Due to our dynamic nature, there is no way to limit it to a small or > single IP address. We automatically change IP addresses at various > times due to load, performance, infrastructure changes, etc. This is a > common design feature for cloud these days. Right now your CNAME setup > will round-robin between 8 or so IP addresses, and we find > historically that at least one will change every week or so. If you > use the SSL add-on, you'll have a single IP address… for a while. It's > non-deterministic when it will change, with no control available. It > could change every few minutes, or only once a month. > > Oren > > On Mon, Aug 6, 2012 at 5:08 PM, Karl <threadh...@gmail.com > (mailto:threadh...@gmail.com)> wrote: > > I have an app that is B2B, utilizing a custom domain. Occasionally, I get an > > email from a new corporate firewall admin asking for the url, ports and ip's > > of the application. The url (mydomain.com (http://mydomain.com)) and > > ports(80, 443) are easy, but > > I'm having problems with the IP address. > > > > They (company firewall admins) complain that the application does not have a > > single IP address. Every time they hit the app, it comes back with a > > different IP. > > > > I know every firewall is different, and maybe a proxy and filter are the > > best methods to handle this. But I need to give them some guidance. > > > > Can someone give me some tips on what to tell firewall administrators what > > to do to allow access to a Heroku application? > > > > -- > > You received this message because you are subscribed to the Google > > Groups "Heroku" group. > > > > To unsubscribe from this group, send email to > > heroku+unsubscr...@googlegroups.com > > (mailto:heroku+unsubscr...@googlegroups.com) > > For more options, visit this group at > > http://groups.google.com/group/heroku?hl=en_US?hl=en > > > > > -- > You received this message because you are subscribed to the Google > Groups "Heroku" group. > > To unsubscribe from this group, send email to > heroku+unsubscr...@googlegroups.com > (mailto:heroku+unsubscr...@googlegroups.com) > For more options, visit this group at > http://groups.google.com/group/heroku?hl=en_US?hl=en > > -- You received this message because you are subscribed to the Google Groups "Heroku" group. To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/heroku?hl=en_US?hl=en
