Access control

Normally only a signed-in station member can log spins into playlists. Enabling automation provides another route for an outside entity to write to your playlists. The security considerations are discussed in the automation user guide.

One way to mitigate the chance of malicious injection is to use access controls based on the IP address of the sender of automation messages. In technical terms this is known as access control or filtering based on source IP address.

You can edit the access control list by going to Automation systems in the Administration menu and follow the link at the bottom of the page.

If an automation logging message arrives at Spinitron, it is discarded unless it matches one of the addresses or address ranges in the access control list.

Each list entry is either an IP V4 address or address range prefix in CIDR notation. An example CIDR prefix is 198.178.126.0/24 which matches any IP V4 address starting with 198.178.126.

The rule 0.0.0.0/0 defeats access control since this zero-length prefix matches any IP V4 address. This rule means "allow from anywhere". Any other rules in the list when this one is present will have no effect.

If your automation system has a public static IP address then you can simply add this one address to the list. You do not need the /n suffix, just the address in dot-decimal notation.

Many automation systems exist behind routers that changes the IP address of packets as they pass between the Internet and the local network at the station or campus. In this case, the IP address of the machine running the automation software is irrelevant and you need to find out the address(s) or address range(s) used by the routers. You may need to ask for IT support to find this information.