The IP addresses in Login IP Ranges are enforced only when a user logs in

Impact area

Security

Severity

Medium

Affected element

Org Config

Rule ID

SF-0166

Impact

If this setting is disabled, the IP range filter is only enforced for the login operation. Apps included in the Org and accessed after login may make requests from IPs outside the allowed ranges.


Remediation

Enable this setting. From Setup, enter "Session Settings" in the Quick Find box, then select Session Settings. Then enable "Enforce login IP ranges on every request".

Time to fix

30 min

What's here


Related content

Org Configuration rules