Many Distil customers use the New Relic application monitoring service with their site. Distil does not whitelist either New Relic nor its IPs addresses, for they are not static and often change.
The ideal way to ensure Distil's content protection service doesn't block New Relic is by implementing a path whitelist.
Before You Begin
We recommend creating a new resource and path structure that isn’t commonly used by users, such as /ping or /uptime. This new page can be a duplicate of an existing one, or can be blank. It should not contain any sensitive information, since it will be accessible by bots. You then configure New Relic to monitor that specific resource or page.
Whitelisting New Relic IPs
Once you configure New Relic accordingly, follow the steps below to whitelist the path with Distil. Note that the steps vary depending on whether or not you have migrated your domain to the Apollo version Distil.
Whitelisting IPs for Upgraded Domains
Follow these steps only if you have migrated your domain to the latest Distil version.
Log in to the Distil Networks Portal.
Click Access Control Lists in the banner menu.
Click Create a New ACL to create a new access control list.
Select the ASSOCIATED RULES tab.
Alternately, select an existing ACL and modify the associated rules.
Select IP Address from the Rule Type: dropdown menu.
Enter New Relic’s IP addresses into the IP Addresses field (steps a – b):
a. Copy the list of New Relic IPs.
b. Paste the list into the IP Addresses: field on the Associated Rules tab.
NOTE: The IP addresses shown above are examples. Refer to the New Relic site for a full list of its current IP addresses.
- Set Access Rights to Whitelist.
Enter any relevant notes (e.g., “New Relic IPs”) in the Note: field.
- Click Save Rule(s).
Add your domains to the Associated Paths tab.
Whitelisting IPs for Classic Domains
If you have not yet migrated your domain to the Apollo version of Distil, contact Distil support to implement the proper New Relic path whitelist.