During a WordPress Site Cleanup, our tools connect to your server from a fixed set of IP addresses. If your server has access restrictions in place — such as an Apache .htaccess rule, an HTTP authentication gate, an Nginx access policy, or a WordPress security plugin like Wordfence — those restrictions may block our connection and prevent a full cleanup from completing.
This article explains how to whitelist the Monarx IP addresses across the most common server configurations so our engineers can reach your site without interruption.
Monarx IP Addresses
Add all of the following IPs to any whitelist or allowlist you configure:
IP Address | Type |
| IPv4 |
| IPv4 |
| IPv4 |
| IPv4 |
| IPv4 |
| IPv4 |
| IPv4 |
Apache — .htaccess
If your site runs on Apache and has rules in .htaccess that restrict access to the site or to specific directories, add the following block to the top of your .htaccess file so the Monarx IPs are evaluated before any deny rules.
# Monarx Site Cleanup — IP Whitelist
SetEnvIf Remote_Addr "^35\.155\.66\.123$" monarx_ip
SetEnvIf Remote_Addr "^35\.155\.94\.94$" monarx_ip
SetEnvIf Remote_Addr "^44\.233\.225\.38$" monarx_ip
SetEnvIf Remote_Addr "^34\.216\.8\.209$" monarx_ip
SetEnvIf Remote_Addr "^44\.245\.68\.222$" monarx_ip
SetEnvIf Remote_Addr "^52\.88\.67\.19$" monarx_ip
SetEnvIf Remote_Addr "^52\.42\.56\.82$" monarx_ip
<RequireAny>
Require env monarx_ip
Require all granted
</RequireAny>
If you are using the older Apache 2.2-style syntax (Order, Allow, Deny), use this instead:
# Monarx Site Cleanup — IP Whitelist (Apache 2.2)
Order Allow,Deny
Allow from 35.155.66.123
Allow from 35.155.94.94
Allow from 44.233.225.38
Allow from 34.216.8.209
Allow from 44.245.68.222
Allow from 52.88.67.19
Allow from 52.42.56.82
Allow from all
Apache — Bypassing HTTP Authentication (.htpasswd)
If your site is protected by HTTP Basic Authentication (a browser username/password prompt), the Monarx IPs need to be excluded from that gate as well. Add the following to your .htaccess file, inside the same <Directory> or <Location> block where your AuthType Basic directive is defined:
# Monarx Site Cleanup — Bypass HTTP Basic Auth
SetEnvIf Remote_Addr "^35\.155\.66\.123$" monarx_ip
SetEnvIf Remote_Addr "^35\.155\.94\.94$" monarx_ip
SetEnvIf Remote_Addr "^44\.233\.225\.38$" monarx_ip
SetEnvIf Remote_Addr "^34\.216\.8\.209$" monarx_ip
SetEnvIf Remote_Addr "^44\.245\.68\.222$" monarx_ip
SetEnvIf Remote_Addr "^52\.88\.67\.19$" monarx_ip
SetEnvIf Remote_Addr "^52\.42\.56\.82$" monarx_ip
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /path/to/.htpasswd
Require valid-user
# Allow Monarx IPs through without authentication
<RequireAny>
Require env monarx_ip
Require valid-user
</RequireAny>
This configuration allows requests from Monarx IPs to pass through without credentials, while all other visitors are still required to authenticate.
⚠️ Make sure the SetEnvIf lines appear before the AuthType directive, otherwise the environment variable may not be set in time for the Require evaluation.
Nginx
If your server runs Nginx and uses allow/deny directives to restrict access, add the Monarx IPs to your server block or location block. Place the allow directives before any deny all rule:
# Monarx Site Cleanup — IP Whitelist
allow 35.155.66.123;
allow 35.155.94.94;
allow 44.233.225.38;
allow 34.216.8.209;
allow 44.245.68.222;
allow 52.88.67.19;
allow 52.42.56.82;
deny all;
If you only want to restrict access to specific paths (such as an admin area or a staging environment) rather than the entire site, scope the block to a location directive:
location / {
allow 35.155.66.123;
allow 35.155.94.94;
allow 44.233.225.38;
allow 34.216.8.209;
allow 44.245.68.222;
allow 52.88.67.19;
allow 52.42.56.82;
deny all;
}
After editing your Nginx configuration, reload the service for the changes to take effect:
sudo nginx -t && sudo systemctl reload nginx
Wordfence
If the site has Wordfence installed and active, its firewall may block requests from our IPs during the cleanup. To whitelist the Monarx IPs in Wordfence:
Log in to the WordPress admin dashboard.
In the left sidebar, go to Wordfence → Firewall.
Click the All Firewall Options button.
Scroll down to the Whitelisted IP addresses that bypass all rules field.
Add each Monarx IP address on its own line:
35.155.66.123
35.155.94.94
44.233.225.38
34.216.8.209
44.245.68.222
52.88.67.19
52.42.56.82
6. Click Save Changes.
💡 If the site is inaccessible or the WordPress admin is unreachable, Wordfence cannot be configured through the dashboard. In that case, the IPs will need to be whitelisted at the server level using the Apache or Nginx methods above.
Do I Need to Remove the Whitelist After the Cleanup?
No — leaving the Monarx IPs in your whitelist after the cleanup is complete is safe and recommended. These IPs are fixed and belong exclusively to the Monarx cleanup infrastructure. Keeping them whitelisted ensures there are no delays if a future cleanup is needed.
📎 Related articles