Whitelist

Whitelist (or walled garden) is a list of domains/web sites that users are able to visit without being authenticated.

Web domains to be included in the whitelist should be added as aaa.domain.com or *.domain.com. Some routers support wildcard record * (like Mikrotik, Ruckus, Cambium, Cradlepoint, Meraki) while others don’t (like LigoWave, Teltonika etc…)

Following domains must be added in the whitelist:

For routers that support the wildcard record

wifihotspot.io
*.starthotspot.com
cdnhotspot.azureedge.net
cdn.starthotspot.com
cdn.wifihotspot.io
*t-msedge.net
static.cloudflareinsights.com
13.92.228.228
13.90.247.200
40.117.190.72
40.121.151.4

For routers without the wildcard record

wifihotspot.io
cdn.wifihotspot.io
starthotspot.com
cdnhotspot.azureedge.net
cdn.starthotspot.com
t-msedge.net
static.cloudflareinsights.com
13.92.228.228
13.90.247.200
40.117.190.72
40.121.151.4

List of IPs to whitelist

40.117.189.181
40.117.191.238
40.117.185.80
40.117.184.255
52.240.52.29
52.240.52.183
52.240.52.184
52.240.52.185
52.240.52.186
40.117.190.72
40.71.11.156

Users with Whitelabel solution will need to add the following domains in the AP/ router whitelist:

Whitelist for Whitelabel customers only

yourportaldomain.com ( like connect.wifihotspot.io)
yourwewebsite.com ( like wifihotspot.io)
cdnhotspot.azureedge.net
cdn.starthotspot.com
cdn.wifihotspot.io
wifihotspot.io
*t-msedge.net
static.cloudflareinsights.com
13.92.228.228
13.90.247.200
40.117.190.72
40.121.151.4

For example, in the Mikrotik walled garden you will add:

wifihotspot.io
cdn.wifihotspot.io
cdn.starthotspot.com
*.starthotspot.com
*t-msedge.net
static.cloudflareinsights.com
13.92.228.228
13.90.247.200
40.117.190.72
40.121.151.4
*facebook*
*facebook.net
*googleapis*

In Ligowave whitelist you should add:

wifihotspot.io
cdn.wifihotspot.io
cdn.starthotspot.com
starthotspot.com
13.92.228.228
13.90.247.200
40.117.190.72
40.121.151.4
facebook.com
facebook.net
twitter.com
instagram.com
google.com
youtube.com

Social login whitelist

If you want to enable Social network login feature or use Paypal as payment gateway, add further IP’s as per below for each network you plan to support.

CAUTION

Domains added to the whitelist will be always accessible to the users.

This means that your users will be able to use Facebook or other whitelisted social networks and websites without connecting to the network.

If social network domains are removed from the whitelist, the social login feature will not work on the splash page.

Facebook

*.facebook.com
*.facebook.net
*.akamaihd.net
*.fbcdn.net
*.atdmt.com
*.fbsbx.com
——————
facebook.com
facebook.net
akamaihd.net
fbcdn.net
atdmt.com
fbsbx.com
—————–
31.13.24.0/21
157.240.0.0/16
31.13.0.0/16
www.facebook.com
www.facebook.net
connect.facebook.net
maps.googleapis.com
akamaihd.net
staticxx.facebook.com
static.xx.fbcdn.net
pixel.facebook.com
fbsbx.com
– if it does not work, try adding:
45.64.40.0/22
66.220.144.0/20
69.63.176.0/20
69.171.224.0/19
74.119.76.0/22
103.4.96.0/22
129.134.0.0/16
173.252.64.0/18
179.60.192.0/22
185.60.216.0/22
204.15.20.0/22

Twitter

twitter.com
api.twitter.com
*.twimg.com
*.akamaihd.net
*.twitter.com
———–
twitter.com
twimg.com
abs.twitter.com
———–
twitter.com
www.twitter.com
abs.twitter.com
abs.twitimg.com
api.twitter.com
pbs.twimg.com
199.16.156.0/22
199.59.148.0/22
199.96.56.0/21
192.133.76.0/22

LinkedIn

linkedin.com
www.linkedin.com
platform.linkedin.com
slicdn.com
*linkedin*
*linkedin.com
*licdn.com
*akamai.net
*akamaiedge.net
*msedge.net
———–
linkedin.com
licdn.com
akamaiedge.net
———–
91.225.248.0/23
linkedin.com
www.linkedin.com
platform.linkedin.com
slicdn.com
licdn.com
static.licdn.com
184.51.0.0/16
108.174.0.0/16
– if it does not work, try adding:
103.20.94.0/23
108.174.0.0/22
108.174.4.0/24
108.174.8.0/22
108.174.12.0/23
144.2.0.0/22
144.2.192.0/24
216.52.16.0/23
216.52.18.0/24
216.52.20.0/23
216.52.22.0/24
65.156.227.0/24
8.39.53.0/24
185.63.144.0/24
185.63.147.0/24
199.101.161.0/24
64.152.25.0/24
8.22.161.0/24

Line.me

access.line.me
static.line-scdn.net
d.line-scdn.net
profile.line-scdn.net
optout-api.tr.line.me
torimochi.line-apps.com

VK

oauth.vk.com
st6-22.vk.com
vk.com
top-fwz1.mail.ru
stats.vk-portal.net
login.vk.com
tns-counter.ru
———–
*.vk.com

Google

accounts.youtube.com
accounts.google.*
ssl.gstatic.com
ssl.google-analytics.com
*.googleusercontent.com
*.akamaihd.net
*.google.com
*.googleapis.com
*.gstatic.com
———–
googleapis.com
gstatic.com
———–
accounts.youtube.com
accounts.google.com
ssl.gstatic.com
ssl.google-analytics.com
googleusercontent.com

Google Play

android.clients.google.com
*.googleapis.com
*.gvt1.com
*.ggpht.com
*.googleusercontent.com
*.gstatic.com
accounts.google.com
accounts.youtube.com
connectivitycheck.android.com
connectivitycheck.gstatic.com

Youtube

youtube.com
*.youtube.com
*.doubleclick.net
*.googlesyndication.com
*.googlevideo.com
*.ytimg.com
———–
ytimg.com
youtube.com
www.youtube.com
doubleclick.net
googlesyndication.com
googlevideo.com

Paypal

paypal.com
sandbox.paypal.com
paypalobjects.com
paypalssl.doubleclick.net
paypal.112.2o7.net
securepics.ebaystatic.com
mobile.paypal.com
m.paypal.com
——————
paypal.com
*.paypal.com
*paypal*
t.paypal.*
*.sandbox.paypal.com
*.paypalobjects.com
paypalobjects.com
paypalssl.doubleclick.net
paypal.112.2o7.net
securepics.ebaystatic.com
mobile.paypal.com
m.paypal.com
*akamai*
*.akamaitechnologies.com
*.akamaiedge.net
*.akamaihd.net

Authorize.net

secure.authorize.net
authorize.net

Interswitch Quickteller

Interswitch Quickteller is currently not supported
webpay.interswitchng.com
pwq.sandbox.interswitchng.com
paywith.quickteller.com
mufasa.interswitchng.com
h.online-metrix.net

Payment code should be placed in the Gateway login field.

Stripe

*stripe*
——————
m.stripe.com
r.stripe.com
api.stripe.com
stripe
js.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
gstripe
hcaptcha.com
newassets.hcaptcha.com
api2.hcaptcha.com
api.hcaptcha.com
pay.google.com
www.gstatic.com
play.google.com
——————

– if it does not work, try adding:

a.stripecdn.com
api.stripe.com
atlas.stripe.com
auth.stripe.com
b.stripecdn.com
billing.stripe.com
buy.stripe.com
c.stripecdn.com
checkout.stripe.com
climate.stripe.com
connect.stripe.com
dashboard.stripe.com
express.stripe.com
files.stripe.com
hooks.stripe.com
invoice.stripe.com
invoicedata.stripe.com
js.stripe.com
m.stripe.com
m.stripe.network
manage.stripe.com
pay.stripe.com
payments.stripe.com
q.stripe.com
qr.stripe.com
r.stripe.com
verify.stripe.com
stripe.com
terminal.stripe.com
uploads.stripe.com
——————
IP addresses

The full list of IP addresses that api.stripe.com may resolve to is:

13.112.224.240
13.115.13.148
13.210.129.177
13.210.176.167
13.228.126.182
13.228.224.121
13.230.11.13
13.230.90.110
13.55.153.188
13.55.5.15
13.56.126.253
13.56.173.200
13.56.173.232
13.57.108.134
13.57.155.157
13.57.156.206
13.57.157.116
13.57.90.254
13.57.98.27
18.194.147.12
18.195.120.229
18.195.125.165
34.200.27.109
34.200.47.89
34.202.153.183
34.204.109.15
34.213.149.138
34.214.229.69
34.223.201.215
34.237.201.68
34.237.253.141
34.238.187.115
34.239.14.72
34.240.123.193
34.241.202.139
34.241.54.72
34.241.59.225
34.250.29.31
34.250.89.120
35.156.131.6
35.156.194.238
35.157.227.67
35.158.254.198
35.163.82.19
35.164.105.206
35.164.124.216
50.16.2.231
50.18.212.157
50.18.212.223
50.18.219.232
52.1.23.197
52.196.53.105
52.196.95.231
52.204.6.233
52.205.132.193
52.211.198.11
52.212.99.37
52.213.35.125
52.22.83.139
52.220.44.249
52.25.214.31
52.26.11.205
52.26.132.102
52.26.14.11
52.36.167.221
52.53.133.6
52.54.150.82
52.57.221.37
52.59.173.230
52.62.14.35
52.62.203.73
52.63.106.9
52.63.119.77
52.65.161.237
52.73.161.98
52.74.114.251
52.74.98.83
52.76.14.176
52.76.156.251
52.76.174.156
52.77.80.43
52.8.19.58
52.8.8.189
54.149.153.72
54.152.36.104
54.183.95.195
54.187.182.230
54.187.199.38
54.187.208.163
54.238.140.239
54.65.115.204
54.65.97.98
54.67.48.128
54.67.52.245
54.68.165.206
54.68.183.151
107.23.48.182
107.23.48.232
https://stripe.com/docs/ips#ip-addresses

Apple Pay

smp-paymentservices.apple.com
paymentservices.apple.com
*apple-dns.net
*akadns.net
captive.g.aaplimg.com
*apple-dns.net
www.apple.com
ocsp.apple.com
v.aaplimg.com
apple.com
apple-pay-gateway-apple.com
apple-pay-gateway-nc-pod2.apple.com
apple-pay-gateway-nc-pod1.apple.com
www.gstatic.com

The full list of IP addresses that Apple Pay may resolve to is available here:
Apple Pay IP addresses and domain names

Please note, these IP ranges and domains are subject to change depending on the social network setup.

Updated on September 20, 2024

Was this article helpful?