Skip to main content

Why Whitelist Spur’s IPs?

Spur runs automated browser tests against your application from our cloud infrastructure. If your staging, development, or production environment is behind a firewall, VPN, or IP-restricted access layer, you need to allow traffic from Spur’s IP addresses so that tests can reach your application.
If Spur’s IPs are not whitelisted, test runs will fail with connection or timeout errors because our test runners cannot reach your application.

Spur IP Addresses

Contact the Spur team to get the current list of IP addresses you need to whitelist.

Contact Us

Reach out to the Spur team to request the IP addresses for your allowlist.

How to Whitelist

The exact steps depend on where your application is hosted. Below are instructions for common providers.
1

Open the EC2 Console

Go to the EC2 Console and select Security Groups from the left sidebar.
2

Select your security group

Find and click the security group attached to your application’s instance or load balancer.
3

Edit inbound rules

Click Edit inbound rules and add a new rule:
  • Type: HTTPS (port 443) or HTTP (port 80), depending on your setup
  • Source: Custom, then enter each Spur IP address
  • Description: Spur test runners
4

Save

Click Save rules. Changes take effect immediately.
1

Open VPC Network

Go to the VPC Firewall Rules page in the Google Cloud Console.
2

Create a firewall rule

Click Create Firewall Rule and configure:
  • Name: allow-spur-test-runners
  • Direction: Ingress
  • Targets: Select the target tags or service accounts for your application
  • Source IP ranges: Enter each Spur IP address
  • Protocols and ports: Allow TCP on port 443 (and 80 if needed)
3

Save

Click Create. The rule applies within a few seconds.
1

Open Network Security Groups

Go to Network Security Groups in the Azure Portal.
2

Select your NSG

Click the NSG associated with your application’s subnet or network interface.
3

Add an inbound rule

Go to Inbound security rules and click Add:
  • Source: IP Addresses
  • Source IP addresses: Enter each Spur IP address (comma-separated)
  • Destination port ranges: 443 (and 80 if needed)
  • Protocol: TCP
  • Action: Allow
  • Name: AllowSpurTestRunners
4

Save

Click Add. The rule takes effect shortly.
Most modern hosting platforms like Vercel, Netlify, and Cloudflare do not block incoming traffic by default. If you have configured IP-based access restrictions (such as Cloudflare Access or Vercel’s IP allowlisting), add Spur’s IP addresses to your allowlist through that platform’s dashboard.
If you manage access control at the web server level, add Spur’s IPs to your configuration.Nginx — add inside your server or location block:
allow <SPUR_IP_1>;
allow <SPUR_IP_2>;
# Add all IPs provided by the Spur team
Apache — add inside your <Directory> or <Location> block:
Require ip <SPUR_IP_1>
Require ip <SPUR_IP_2>
# Add all IPs provided by the Spur team
Reload your web server after making changes.

Verifying the Setup

After whitelisting, run a quick test from Spur to confirm connectivity:
1

Create or open a test

Navigate to any existing test or create a new one that targets the environment behind your firewall.
2

Run the test

Execute the test. If the first step (navigating to your URL) completes successfully, whitelisting is working.
3

Troubleshoot if needed

If the test fails with a timeout or connection error:
  • Confirm the correct IPs are whitelisted
  • Check that the allowed ports match your application (443, 80, or a custom port)
  • Verify there are no additional layers (VPN, WAF, CDN) that also require allowlisting
If your infrastructure uses a Web Application Firewall (WAF) in addition to network-level rules, you may need to add Spur’s IPs to both the WAF allowlist and your firewall rules.