Skip to main content

Fixed IP Address

A guide to managing IP addresses and API authentication. Learn how to retrieve cluster IPs, implement defense-in-depth security for integrations, and when to consider using an external proxy server.

Updated over 2 weeks ago

Seravo WordPress upkeep solution is a cloud service in which the clients sites are located in server clusters formed by many physical machines. This kind of architecture boosts the speed of the WordPress sites as well as adds redundancy and the ability to withstand load. This also means that it's not possible to get a fixed IP in Seravo upkeep by default.

In theory the only way to get a fixed Ip for your website is to buy a complete server or a cluster of servers from Seravo separately. This kind of a solution is, however, very expensive and the cost is most likely reasonable only for the largest of sites.

IP Addresses as a Method of Authentication

While you can add your server cluster's IP addresses to an external API's allowlist (whitelist), it is important to remember that in a clustered environment, multiple different sites share the same IP addresses. Generally speaking, an IP address alone is an insufficient and outdated method of authentication.

Defense in Depth

We always recommend a "defense in depth" approach. Even if you restrict access by IP address, you should always combine it with strong application-level authentication:

  • API Keys (Bearer Tokens): A unique secret sent with every HTTP request.

  • OAuth2 or JWT: Modern industry standards for secure authorization.

  • Enforced HTTPS: Ensure all traffic is encrypted to prevent identifiers and tokens from being intercepted.

Consider Other Connection Methods (SFTP & SSH)

If your integration uses methods other than HTTPS, such as file transfers (SFTP) or direct database connections, ensure the following:

  • Use Encrypted Protocols Only: Never use plain FTP; always opt for SFTP.

  • SSH Keys: Use SSH key-based authentication instead of passwords whenever possible.

  • Whitelisting is Only One Layer: Even if the destination server restricts access to Seravo's cluster IPs, strong authentication (keys or complex passwords) remains essential.

Need a List of Cluster's IP Addresses?

You can retrieve the IP addresses for your site's cluster by running the following command in the CLI: srv system metadata

We also recommend whitelisting these addresses:

  • 37.27.71.17

  • 2a01:4f9:3070:11a3::2

  • 65.21.45.2

If you need any assistance, please feel free to contact our customer support.

Routing Traffic via an External Proxy Server

An alternative technique is to route API traffic through a dedicated proxy server. This ensures that the external service always sees the same static IP address, even though the WordPress site itself remains within Seravo's clustered environment to maintain high availability and redundancy.

A proxy server can also be useful if an external API requires exotic communication protocols or specialized configurations not natively supported within the standard WordPress environment.

Things to Consider:

  • Redundancy: Ensure your external proxy is as reliable as your primary site. If the proxy goes down, the integration will fail (creating a Single Point of Failure).

  • Latency: Each additional "hop" between servers adds a small amount of latency to the requests.

  • Maintenance: A proxy server is an additional component that requires its own security updates, OS maintenance, and monitoring.

Dedicated Server, Data Center Services, or Virtual Servers

If your site's needs require it to run on a completely separate, dedicated server, you can turn to our partner, Domainkeskus. Domainkeskus offers both data center services and virtual servers.

Related Articles
Can I Use My Own DNS?
Staging Environments (Shadows)
How do I Connect to My WordPress Site with SSH/SFTP?
Logs Available for the Site
List of Commands and Tools
Did this answer your question?