IP Blacklist


IP Blacklist policy controls access to a configured API endpoint from a single IP address or a range of IP addresses.

To Start with we will create an mulesoft application and connect it with API manager – please see how we can connect the mulesoft application to API Manager

After deployment of application in Cloudhub the API manager configuration will come as Active

IP Blacklist


Now we will apply the policy

IP Blacklist


Select IP blacklist

IP Blacklist


Now update the policy configuration

IP Blacklist


IP expression – this is the expression from where the policy will source the IP address from incoming request

So here also we have two way of capturing incoming request’s IP address

  • The API is behind the Dedicated Load Balancer (DLB) or Shared Load Balancer (SLB)

We use attributes.headers[‘X-Forwarded-For’] as this will hold the actual originator IP address. This is populated by the proxy services or load balancer when they route it to actual target

  • The request hits the worker of the API directly

We use attributes.remoteAddress as this will host the Client IP address

In case of above scenario attributes.remoteAddress will hold the IP address of the Proxy server or Load balancer


This can be your IP address or IP range


Now if I look for my IP address then it’s come out to be

IP Blacklist


Let’s update the IP blacklist configuration

#[attributes.headers[‘X-Forwarded-For’]] for IP expression and My IP address as Blacklist IP


Click apply


Now if I hit this API then I’ll get


To understand the attributes.headers[‘X-Forwarded-For’] and attributes.remoteAddress better then we will add the log for these two attributes value


Now if we look into the Cloudhub logs and / are both remoteAddress whereas is X-Forwarded-For or Originator address

As we are using Cloudhub shared load balancer so that’s why remoteAddress is changing as per forwarding Load balancer

Sample mule application – sample-rest-service-ip-blacklist

SOAP UI application – sample-rest-service-ip-black-soapui-project

Thank you for taking out time to read the above post. Hope you found it useful. In case of any questions, feel free to comment below. Also, if you are keen on knowing about a specific topic, happy to explore your recommendations as well.
For any latest updates or posts on our website, you can follow us on LinkedIn. Look forward to connecting with you there.

Share this:
Notify of
1 Comment
Newest Most Voted
Inline Feedbacks
View all comments
1 year ago

Very Useful
Thank You