// IP-BASED ACCESS CONTROL

Lock any service to your IP.
No agent. No VPN.

Two URLs keep your ufw allowlist current as your IP changes. SSH, HTTPS, databases, admin panels, anything you want to gate. Free, scriptable, and built by operators.

Create a key pair →

✓ no login required ✓ ephemeral. we don't store your pair ✓ free forever

// HOW IT WORKS

Two URLs. One allowlist that keeps up with you.

Get a pair

Solve the captcha and we hand you an auth URL and a server URL. No account needed.

Wire your server

Drop the server URL into a cron / poll on your box. It reads the current registered IP.

Click to refresh

Hit your auth URL from any browser; your IP registers and ufw updates within the poll window.

See how it works → Setup for your OS →

// A NEW WAY TO THINK ABOUT IT

Most access control is built for the enterprise. We built one that fits a cron job.

The market is full of excellent identity-and-access platforms. They're powerful, and they're priced, packaged, and integrated for organizations with security teams. IPAuth solves one specific slice of that problem: keep my service open only to my current IP. No agents. No accounts for end users. No vendor stack to adopt. Compose with what you already run.

Approach	Cost	Setup	Agent / client?	Roving IP	Vendor lock-in
Cloudflare Access / Zero Trust	$$ per seat	Medium	Browser session	Auto	High (Cloudflare-only)
Tailscale / WireGuard mesh	$ to $$ per device	Medium	Yes, every device	Auto	Medium
Corporate VPN (OpenVPN, Pulse)	$$$ + ops time	High	Yes, every device	Auto (when on VPN)	Medium
Manual IP allowlist	Free	Low	None	No (goes stale)	None
HTTP Basic Auth / shared password	Free	Low	None	N/A	None, but still indexable / shareable
IPAuth	Free	Low (2 URLs + cron)	None (just a browser)	Auto (click bookmark)	None. Works with any firewall/CDN/WAF

WE'RE NOT REPLACING THEM

Cloudflare Access, Tailscale, Okta. All great products for the problems they solve. IPAuth is for the slice of the problem where those tools are overkill.

BUILT FOR LEAN STACKS

No per-seat math. No multi-year contracts. No identity platform to adopt before you can lock down one port. Just a script and a cron entry.

COMPOSES, DOESN'T LOCK IN

Works with ufw, iptables, pf, ipfw, Windows Firewall, NOC, Cloudflare rules, AWS security groups. Anywhere that accepts an IP. Stop using IPAuth tomorrow and your firewall keeps working.