Application Server IPs & EC2 configuration

If you need to use external services that are located behind a firewall you'll need to open your firewall to allow access from our application servers. This is necessary as we may move your application to a different server at any time.

The preferred method to allow access depends on where your service is running. When you're running outside of AWS you'll need to add an IP range, which may require maintenance in the future. If you're running inside of AWS you can add our application server security group and avoid maintaining the IP-ranges.

External service: This list will be updated continuously so please check it every once in a while to make sure your firewall is set up correctly. The IPs that needs to be added to your firewall depends on the your app's region:

US region IPs:

  • (CIDR
  • (CIDR

EU region IPs:

  • - (CIDR

Security groups

Important: Security group based access rules are no longer supported. Instead we recommend that you add the IP ranges listed above for your region.

Amazon RDS

If you're using an Amazon RDS database server in the same public amazon region as AppHarbor you'll also have to set up the appropriate security group to ensure access to your database server. This information is the same in both the US and EU regions:

AWS account id: 136621386816
Security group name: web

It is important that you allow access based on the IPs listed above as well to ensure that the database server will continue to be accessible in the event of a DNS service failure.

Note: RDS instances running in your own VPC should be configured to allows access from the IP addresses listed above in "External services" section.