Rich-text Reply

IP whitelist for experiments

lixulehigh 09-09-14

IP whitelist for experiments

Hi, I am setting up an externally accessible server to test Optimizely on our site. The site-ops guys need a list of IP to whitelist. What should I provide to them? thanks,

Shaunak 09-10-14
 

Re: IP whitelist for experiments

Hi lixulehigh,

 

Since the Optimizely snippet is delievered via CDN, there is no static IP range. You should ask them to whitlelist " *.optimizely.com" domain for Optimizely to work.

 

Best,

Shaunak Mali 

Solutions Architect | Optimizely 

Optimizely
nsheep 10-03-14
 

Re: IP whitelist for experiments

Hello Shaunak,

Looks like we can not whitlelist domain names in our Cisco ASA FW.


Shaunak wrote:
 

Since the Optimizely snippet is delievered via CDN, there is no static IP range. You should ask them to whitlelist " *.optimizely.com" domain for Optimizely to work.

 



Any other ways to set this up ? 

Thanks 

 

Nir

Level 1
Shaunak 10-06-14
 

Re: IP whitelist for experiments

Hi Nir,

Just to make sure I understand your issue here, are you able to access your site from the Optimizely web editor when you are inside your VPN?
Optimizely
brad 10-07-14
 

Re: IP whitelist for experiments

Actually, on the design experiment, I believe that optimizely makes a server side call to our site. We currently whitelist ips for our staging site, as to make it publically accessible (thus not crawlable etc..). If possible can you provide either the AWS Security Group or the ips to whitelist to make the design experiment page work. Please note we do in fact load the optimizely js snippit.

 

Thanks!

Level 1
Shaunak 11-03-14
 

Re: IP whitelist for experiments

Hey Brad,

 

Sorry about the delay, I missed your message. I am going to loop in the support team to look into this further if there is a way we can whitelist Optimizely. I have created a ticket on your behalf and our support team should reach out to you soon.

 

Best,

Shaunak 

Optimizely
brad 11-07-14
 

Re: IP whitelist for experiments

As an FYI to everyone after having a very LONG conversation with support I have finally determined how Optimizely works. 

 

When you load the editor for Optimizely it attempts to iFrame your write with code injection from the javascript you are loading. However should your website not load in the iframe for various reasons, the most common being you have the http header "x-frame-options" that prevents your site from loading in an iframe, optimizely will fall back on making a server-side proxy call (called proxy-rewriter) to your site, therefore your site must be publically avaliable to the internet. Should that not work your site will not load in Optimizely.

 

There are 2 different fixes you can use here to bypass this problem:

1) You can change the header on your site to allow the domains. Note this will be set as part of the response header. When optimizely talks about white-listing domains, they mean to whitelist these domains in the x-frame-header option (something they don't describe well), however some browsers don't support this so keep that in mind. I believe chrome doesn't support this option.

 

.optimizely.com and .optimizelyedit.com

 

2) You can contact Optimizely who can provide you a chrome extenstion that will override and stripe that header out therefore allowing the iframe to load. (Ask for the extension and reference this conversation)

 

However Optimizely will NOT provide the server ips (AFAIK) from the servers that do the proxy fallback (proxy-rewriter) and instead recommend that you make your site iframe'able or you install their chrome extension.

 

Thanks!

Level 1
palhvatt 11-12-14
 

Re: IP whitelist for experiments

[ Edited ]

Hi,

 

We have a Staging environment where we want to test Optimizely before doing the same changes on our production servers. Now our Sysadmin is asking me which is the "Pool of Public IP addresses" that belongs to you guys, for granting access/allowing us to test Optimizely in QA.

 

Thanks in advance,

Pål

Level 1
alexcorre 04-22-15
 

Re: IP whitelist for experiments

Even after removing optimizely experiments, I'm still seeing errors resulting form optimizely's proxy-rewriter, sending request to my site. I want to completely disable this. How can I go about that?