Welcome to Origin IP ACL

Origin IP Access Control List (Origin IP ACL) offers some protection for your origin server by restricting traffic to ​Akamai​-controlled IP addresses. ​Akamai​ maintains a small and stable list of IP addresses that you use in policy rules in your origin server's firewall. These IP addresses are represented in a list using classless inter-domain routing (CIDR). CIDR is an IP addressing scheme that improves the allocation of IP addresses by using a single IP address with a prefix at the end to designate many, unique IP addresses. With Origin IP ACL, requests from edge servers to your origin will always be sourced from an address in one of these prefixes.

1. Get the IP addresses

You need to add these addresses to your origin server for access.

2. Set it up

The requirements and setup for Origin IP ACL vary based on the ​Akamai​ product you're adding it to:


We're working on support for Ion (Standard and Premier) and Dynamic Site Accelerator. Check back for a future release.

3. Review caveats and recommendations

There are some limitations on the use of Origin IP ACL and some additional recommendations. Review these points before going live with it in your delivery workflow.