Configuring Frontdoor IP Restrictions in 7.9.4+

September 12, 2025
How To

Summary

In 7.9.4, we added a feature that can be turned on to block access to the Cablecast login and management interface through Frontdoor. This feature works on a whitelist for the IP ranges specified and denies all other access not listed.

This is a quick guide on how to configure this setting and test it.

If you get confused or stuck on any part of the process, you can always contact support@cablecast.tv via email for help.

Requirements

  • A cablecast system with 7.9.4 or higher installed. Contact support to get licensed for 7.9 if you are not receiving updates at support@cablecast.tv
  • Basic knowledge of networking and subnetting. This article assumes the user has basic knowledge of subnets and CIDR.
  • The IP addresses and/or ranges you want in CIDR notation to whitelist.

Navigating to the Public Connectivity Page

You will need to log into Frontdoor and the Cablecast UI with administrator-level access to system settings.

You will then navigate to Settings -> System Settings -> Public Connectivity

Configuring IP restrictions.

Once you navigate to the public connectivity page, you will then be greeted with a page that will look like this.

We will focus on the IP Restrictions section under "Advanced".

It's important to understand that once an address has been entered into this section and saved, only those addresses will be able to access anything in the management UI/frontdoor (Internet channel and content playback will not be affected)

localhost will always be included by default. If you mess up and lock your self out, you can browse to Frontdoor from the local server console and undo or fix the changes.

I'm using these network ranges as examples for this configuration.

text

1 2 3 192.168.0.57 <---Single local IP address of my PC 140.186.214.244 <--- Single external IP of a site, will allow every device at that location to access over the internet. 10.10.1.1/24 <--- will unblock everything on the /24 local subnet so 10.10.1.1 to 10.10.1.254 will be able to access.

This list will be entered with a comma-separate list with no spaces, which will look something like this

text

1 192.168.0.57,140.186.21.244,10.10.1.1/24

Once the your addresses have been put in, click "save" at the bottom to apply the changes. It will take a few minutes for the server to update its web configuration.

Testing the configuration.

If you're successful, you should be able to load Frontdoor on your server with a machine that is whitelisted.

If an IP is not in the IP resitrctions you should see an NGINX forbidden message when accessing frontdoor.