Restricting access involves allowing or blocking connections based on the Internet Protocol (IP) address or associated domain name of a requesting device. Instead of authenticating individual users, this method controls access by identifying the source network location, differentiating it from user-based permissions. Network firewalls, web servers, and security applications implement rules, often called Access Control Lists (ACLs), that explicitly permit or deny traffic originating from specified IP addresses or resolve domain names to their corresponding IPs for filtering.

For instance, a company website administrator might configure a web server to only accept connections coming from the IP ranges assigned to their corporate offices, blocking external visitors. Similarly, cloud service providers often use IP restrictions to secure administration portals, allowing access solely from trusted network locations, such as the IP of the IT department's network gateway or specific whitelisted partner domains.

This approach enhances security by preventing unauthorized network access from known bad actors or unapproved regions and simplifies access management for known, static network locations. However, its limitations include the burden of managing IP/domain lists as networks change, potential IP spoofing attacks, and the inability to verify individual user identity, potentially leaving accounts vulnerable. Future trends lean towards combining IP restrictions with stronger methods like multi-factor authentication and adopting zero-trust principles.