Enable security features

InfluxDB 2.7 provides optional security features that ensure your InfluxDB instance is secure in whatever environment it’s used in.

To enable all additional security features, use the hardening-enabled configuration option when starting InfluxDB.

Security features

Private IP Validation

Some Flux functions (to(), from(),, etc.), template fetching and notification endpoints can require InfluxDB to make HTTP requests over the network. With private IP validation enabled, InfluxDB first verifies that the IP address of the URL is not a private IP address.

IP addresses are considered private if they fall into one of the following categories:

  • IPv4 loopback (
  • RFC1918 (,,
  • RFC3927 (
  • IPv6 loopback (::1/128)
  • IPv6 link-local (fe80::/10)
  • IPv6 unique local (fc00::/7)

Private IP considerations

If your environment requires that these authenticated HTTP requests be made to private IP addresses, omit the use of --hardening-enabled and consider instead setting up egress firewalling to limit which hosts InfluxDB is allowed to connect.

Was this page helpful?

Thank you for your feedback!

The future of Flux

Flux is going into maintenance mode. You can continue using it as you currently are without any changes to your code.

Flux is going into maintenance mode and will not be supported in InfluxDB 3.0. This was a decision based on the broad demand for SQL and the continued growth and adoption of InfluxQL. We are continuing to support Flux for users in 1.x and 2.x so you can continue using it with no changes to your code. If you are interested in transitioning to InfluxDB 3.0 and want to future-proof your code, we suggest using InfluxQL.

For information about the future of Flux, see the following: