IP Allowlist Guide

Claude IDE Bridge — for self-hosters exposing the bridge remotely

Local use only? If you run Claude Code CLI on the same machine as the bridge (the default setup), no firewall changes are needed. This guide applies only when exposing the bridge to the network — for remote Claude Code, claude.ai Custom Connectors, or Claude Desktop.

When you need an IP allowlist

Client                         | Connection origin          | Allowlist needed?
Claude Code CLI (local)        | 127.0.0.1 — same machine   | No
Claude Code CLI (remote SSH)   | Developer's machine IP     | Allowlist developer's IP only
claude.ai Custom Connectors    | Anthropic's server IPs     | Yes — see below
Claude Desktop (MCP connector) | Anthropic's server IPs     | Yes — see below

Anthropic's IP ranges

When claude.ai or Claude Desktop connects to a remote MCP server, requests originate from Anthropic's infrastructure. You must allowlist these IPs on your firewall or reverse proxy.

The canonical, always-up-to-date list is published by Anthropic at:
https://docs.claude.com/en/api/ip-addresses

Always use Anthropic's published list. IP ranges change over time. Do not hardcode IPs from this page — fetch the live list from the URL above.

Configuring your firewall

ufw (Ubuntu / Debian)

# Replace <BRIDGE_PORT> with your bridge port (default: auto-assigned, check the lock file)
# Replace each IP/CIDR with the current entries from Anthropic's IP list

for cidr in 160.79.104.0/23 54.84.169.0/24; do   # example — use live list
  ufw allow from "$cidr" to any port <BRIDGE_PORT> proto tcp
done

iptables

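# -A appends to the end of INPUT: these rules only take effect if no earlier
# rule in the chain already accepts traffic to this port.
# iptables filters IPv4 only; IPv6 is filtered separately with ip6tables.
BRIDGE_PORT=<BRIDGE_PORT>
for cidr in 160.79.104.0/23 54.84.169.0/24; do   # example — use live list
  iptables -A INPUT -p tcp --dport "$BRIDGE_PORT" -s "$cidr" -j ACCEPT
done
iptables -A INPUT -p tcp --dport "$BRIDGE_PORT" -j DROP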
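
Because the ranges change, it helps to keep the current CIDRs in a reviewed file and generate the rules from it instead of typing them into a loop. The script below is an added example, not part of claude-ide-bridge: it assumes a local file with one CIDR per line that you copied from Anthropic's published list, and the names valid_cidr and gen_rules and the port 8443 are hypothetical.

```shell
#!/bin/sh
# Added example, not part of claude-ide-bridge. Prints iptables commands for
# review; it does not apply them. The list file is an assumed local file.

# valid_cidr CIDR: succeed only for a well-formed IPv4 CIDR with a prefix
# of /8 to /32, so an entry like 0.0.0.0/0 can never open the port to all.
valid_cidr() (
  printf '%s\n' "$1" |
    grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}/[0-9]{1,2}$' || exit 1
  len=${1#*/}
  [ "$len" -ge 8 ] && [ "$len" -le 32 ] || exit 1
  IFS=.
  set -- ${1%/*}                     # split the address into octets
  for octet in "$@"; do [ "$octet" -le 255 ] || exit 1; done
)

# gen_rules PORT FILE: print one ACCEPT rule per entry plus the final DROP.
# Fails closed: any bad entry, bad port or empty list prints no rules.
gen_rules() (
  port=$1 file=$2 rules=
  case $port in '' | *[!0-9]*) exit 1 ;; esac
  [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || exit 1
  while IFS= read -r line || [ -n "$line" ]; do
    cidr=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')   # drop comments, blanks
    [ -n "$cidr" ] || continue
    valid_cidr "$cidr" || { echo "rejected entry: $line" >&2; exit 1; }
    rules="${rules}iptables -A INPUT -p tcp --dport $port -s $cidr -j ACCEPT
"
  done <"$file"
  [ -n "$rules" ] || exit 1
  printf '%siptables -A INPUT -p tcp --dport %s -j DROP\n' "$rules" "$port"
)

# Constructed sample: RFC 5737 documentation ranges, not Anthropic's ranges.
sample=$(mktemp)
printf '%s\n' '# copied from the published list' \
  '192.0.2.0/24' '198.51.100.0/25   # second entry' >"$sample"
gen_rules 8443 "$sample"             # 8443 is a constructed port number
```

Review the printed commands before running them as root; a rejected entry stops generation so a typo cannot produce a partial allowlist.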

nginx (reverse proxy with allowlist)

server {
    listen 443 ssl;
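    server_name bridge.example.com;

    # TLS certificate and key (placeholders; nginx rejects an ssl listener without them)
    ssl_certificate     <CERT_PATH>;
    ssl_certificate_key <KEY_PATH>;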

    # Allow Anthropic IPs (replace with current list from Anthropic's docs)
    allow 160.79.104.0/23;
    allow 54.84.169.0/24;
    # Also allow your own IP for direct access
    allow <YOUR_IP>;
    deny all;

    location / {
        proxy_pass http://127.0.0.1:<BRIDGE_PORT>;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_read_timeout 310s;
    }
}

Binding the bridge to a public address

By default the bridge binds to 127.0.0.1 (loopback only). To accept remote connections, start with --bind:

# Bind to all interfaces (firewall/allowlist required)
claude-ide-bridge --bind 0.0.0.0

# Bind to a specific interface
claude-ide-bridge --bind 10.0.0.5

Always protect a publicly bound bridge with both the IP allowlist and the bearer token auth that the bridge enforces by default. The token lives in ~/.claude/ide/<port>.lock. Use claude-ide-bridge print-token to retrieve it for MCP client configuration.

Generating the MCP config for a remote bridge

Once the bridge is reachable, generate a client config pointing to it:

# On the remote VPS — print the auth token
claude-ide-bridge print-token

# On the local machine — generate an HTTP MCP config
bash scripts/gen-mcp-config.sh remote \
  --host bridge.example.com:<BRIDGE_PORT> \
  --token <TOKEN>

See the Remote Deployment section of the README for the full walkthrough.