Everflow Server IPs - Everflow Helpdesk

The IP addresses used when Everflow Postbacks are fired. Whitelisting these IPs in your firewall is critical to prevent the 'Silent Blackout' - where conversions are lost with no error message, bleeding revenue invisibly.

Overview

When Everflow fires a server-to-server (S2S) postback to notify your advertiser's system of a conversion, the request originates from one of our dedicated server IP addresses. Your advertiser's firewall must recognize and allow these IPs; otherwise, postback signals will be silently blocked - creating the "Silent Blackout" scenario where conversions vanish without warning or error codes.

This article provides the complete list of Everflow Server IPs, explains why whitelisting is mandatory for revenue protection, and includes interactive tools to help you configure your firewall correctly across multiple platforms.

Everflow Postback IP Addresses

Copy individual IPs or use "Copy All" to get the complete list for your firewall configuration:

📋 Everflow Postback IP Addresses

35.196.95.104

34.138.191.250

34.138.95.128

34.91.131.78

34.147.37.169

34.147.67.230

34.73.83.118

35.227.72.33

34.74.122.67

Why IP Whitelisting Matters

Without proper IP whitelisting, your firewall may block Everflow's postback requests, creating catastrophic but invisible conversion loss:

⚠The "Silent Blackout" - Revenue Protection Alert

What happens when these IPs aren't whitelisted?

Unlike standard tracking errors that show up in your reports, a firewall block creates an invisible failure. Your postback appears to send successfully from Everflow's side, but it never reaches your advertiser's server to record the conversion.

The Result: Lost conversions with no error message, no warning, and no way to know revenue is bleeding away until it's too late.

🔄 The Postback Journey

Understanding how IP whitelisting protects your revenue

🚚

Everflow Server

Sends postback from
35.196.95.104

→

🛡️

Firewall (Whitelisted)

IP recognized
✅ Access granted

→

💰

Advertiser Server

Conversion recorded
✅ Revenue tracked

🚚

Everflow Server

Sends postback from
35.196.95.104

→

🚫

Firewall (NOT Whitelisted)

IP unrecognized
⛔ Blocked silently

✖

❌

Advertiser Server

Never receives data
⚠️ Conversion lost

✅

IPs Whitelisted

What you see:
• Conversions appear in reports
• Partners get credited
• Revenue flows normally
• 200 OK response codes

What happens:
Firewall recognizes Everflow's IPs and allows postback signals through. Your advertiser's server receives and processes conversion data normally.

⛔

IPs NOT Whitelisted

What you see:
• Clicks tracked normally
• No error codes in Everflow
• Zero conversions
• Partners complain

What happens:
Firewall silently drops Everflow's postback requests. Server never receives conversion signal. You lose revenue with no warning or error message.

Think of postbacks like delivery trucks arriving at a gated community. The firewall is the security guard checking IDs at the gate.

How To Whitelist IPs In Your Firewall

Select your firewall/cloud platform below for step-by-step whitelisting instructions. Each guide is tailored to the specific interface and terminology of your infrastructure:

🛡️ Firewall Configuration Wizard

Select your platform to see step-by-step whitelisting instructions

☁️

Cloudflare

🔶

AWS Security Groups

🔵

Google Cloud

🔷

Azure

📦

cPanel/WHM

☁️

Cloudflare Custom Rules (Recommended)

⚠️ Note: Cloudflare is rolling out a new dashboard. Navigation may vary. You can toggle between old/new interfaces in Settings.

1 Create IP List (New Dashboard - Recommended)

Log into Cloudflare → Select your domain → Security → WAF → Tools → Lists → Create new list

• List name: everflow-postback-ips
• Description: Everflow server IPs for postback whitelisting
• Add entries: Paste all 9 IPs (one per line)
• Click Deploy

2 Create Custom Rule

Navigate to: Security → WAF → Custom Rules → Create rule

Configure the rule:
• Rule name: Allow Everflow Postbacks
• If incoming requests match:
   Field: Source IP Address
   Operator: is in list
   Value: everflow-postback-ips
• Then take action: Skip → Select All remaining custom rules and All managed rulesets
• Click Deploy

⚠️ Security Note: The "Skip" action bypasses WAF Managed Rules and rate limiting for these IPs. Only whitelist trusted sources.

3 Alternative: IP Access Rules (Legacy Method)

New Dashboard: Security → Security Rules → Create rule → IP access rules
Legacy Dashboard: Security → WAF → Tools → IP Access Rules

For each IP:
• Value: Enter one Everflow IP (e.g., 35.196.95.104)
• Action: Allow
• Zone: This website (or All websites in account)
• Note: "Everflow Postback Server"

✅ Verification: Test a postback and check Security Events (not "Firewall Events"). Note: Allow rules may not appear in logs by design.

🔶

AWS Security Groups Configuration

1 Open EC2 Console

Sign into AWS Console → Navigate to EC2 → Select Security Groups from the left sidebar

2 Select Your Security Group

Find the security group attached to your advertiser server instance → Click the Security Group ID

3 Add Inbound Rules

Click Edit inbound rules → Click Add rule for each IP:

• Type: HTTPS (or Custom TCP if using non-standard port)
• Protocol: TCP
• Port: 443 (or your postback endpoint port)
• Source: Custom → Enter IP with /32 (e.g., 35.196.95.104/32)
• Description: "Everflow Postback"

⚠️ Important: Use the /32 CIDR notation to whitelist individual IPs only, not entire subnets.

4 Save Rules

Click Save rules → Changes take effect immediately

✅ Stateful Firewall: Security Groups automatically allow return traffic. No separate outbound rules needed for responses.

✅ Default Limit: 60 rules per security group (adjustable via AWS Support).

⚠️ Security Warning: Never expose SSH (port 22) or RDP (port 3389) to 0.0.0.0/0 (anywhere). Use specific IPs only for management ports.

🔵

Google Cloud Firewall Configuration

1 Access Firewall Policies

Open Google Cloud Console → Navigate to Firewall policies
(Direct URL: console.cloud.google.com/net-security/firewall-manager/firewall-policies/list)

Alternative: VPC Network → Select your network → Firewalls tab

2 Create Firewall Rule

Click Create Firewall Rule with these settings:

• Name: allow-everflow-postbacks
• Direction of traffic: Ingress
• Action on match: Allow
• Targets: Specified target tags (or All instances)
• Source filter: IPv4 ranges
• Source IPv4 ranges: Enter IPs - see critical note below ⚠️

⚠️ CRITICAL FORMAT: In the Console UI, you MUST press Tab (not comma) between IP entries. Each IP requires /32 suffix.

Correct: Type 35.196.95.104/32 → Press Tab → Type 34.138.191.250/32 → Press Tab

Incorrect: Comma-separated format only works in gcloud CLI, not Console UI.

3 Configure Protocols

• Protocols and ports: Specified protocols and ports
• Select tcp → Enter port 443 (or your custom port)
• Priority: 1000 (default) or lower number for higher priority

✅ Best Practice: Use priority gaps (100, 200, 300) to leave room for future rule insertions.

✅ Modern Approach: Google recommends Global Network Firewall Policies over legacy VPC rules for multi-VPC environments.

🔷

Azure Network Security Group (NSG)

1 Navigate to NSG

Azure Portal → Search for Network Security Groups → Select your NSG

2 Add Inbound Security Rule

Click Inbound security rules → Click + Add

For each Everflow IP, create a rule:
• Source: IP Addresses
• Source IP addresses: Enter one IP (e.g., 35.196.95.104)
• Destination: Any (or specific subnet)
• Service: HTTPS
• Action: Allow
• Priority: 100-200 (lower = higher priority)
• Name: Allow-Everflow-IP-1

⚠️ Priority Note: Ensure Everflow rules have higher priority (lower number) than any default deny rules.

✅ Multi-IP Support: Azure allows comma-delimited IPs in a single rule: 35.196.95.104, 34.138.191.250, 34.138.95.128

✅ Stateful Firewall: Return traffic automatically allowed. Rule changes only affect new connections.

✅ Limits: Maximum 1,000 rules per NSG, 5,000 NSGs per subscription.

⚠️ Migration Notice: NSG flow logs retire September 30, 2027. Migrate to Virtual Network flow logs after June 30, 2025.

📦

cPanel/WHM ConfigServer Firewall (CSF)

⚠️ 2024 Update: ConfigServer Ltd ceased operations. CSF is now community-maintained. Update to v15.00+ from the community GitHub repository.

1 Access ConfigServer Firewall

Log into WHM → Search for ConfigServer Security & Firewall
(Or navigate via: WHM → Plugins → ConfigServer Security & Firewall)

2 Whitelist IPs (Quick Allow - No Restart Required)

Recommended Method: Use csf - Quick Actions or click Quick Allow

Add each Everflow IP to the allowlist. This method applies changes immediately without restart.

3 Alternative: Edit csf.allow File (Requires Restart)

If editing the csf.allow file directly:

Add each Everflow IP, one per line with comment:

196.95.104 # Everflow Postback

138.191.250 # Everflow Postback

138.95.128 # Everflow Postback

91.131.78 # Everflow Postback

147.37.169 # Everflow Postback

147.67.230 # Everflow Postback

73.83.118 # Everflow Postback

227.72.33 # Everflow Postback

74.122.67 # Everflow Postback

⚠️ Format: Use IP.ADD.RE.SS # Comment with space-hash-space. Comments must be on the same line as the IP.

4 Restart Firewall (Only if Editing Files)

Restart Required:
• Editing csf.allow file in WHM → Click Restart csf+lfd
• Direct file edit via SSH → Run csf -r

No Restart Required:
• Quick Allow (WHM GUI) → Applies immediately
• Command: csf -a IP.ADD.RE.SS → Applies automatically

✅ Complete Whitelisting: For trusted IPs that should bypass all checks including Login Failure Daemon (LFD), add to both csf.allow and csf.ignore.

Or enable: IGNORE_ALLOW = "1" in csf.conf to automatically treat csf.allow entries as csf.ignore.

Verify Your Configuration

After whitelisting Everflow IPs, use this diagnostic checklist to verify everything is configured correctly. Work through each layer systematically to identify any remaining issues:

🔍 IP Whitelisting Diagnostic Checklist

Follow these forensic steps to verify your Everflow server IPs are properly configured. Check off each item as you complete it.

1️⃣ Whitelisting Verification

Confirm IPs are added to your firewall

What to check:
Verify all 9 Everflow Server IPs are listed in your firewall's whitelist or allowlist.

Where to look:
• AWS: EC2 → Security Groups → Inbound Rules
• Cloudflare: Security → WAF → IP Access Rules
• Google Cloud: VPC Network → Firewall → Rules
• Azure: Network Security Groups → Inbound Rules
• cPanel: ConfigServer Firewall → Allow IPs

⚠️ Common Mistake: Adding IPs to the wrong firewall layer. If you have both a cloud firewall (AWS Security Group) AND a server-level firewall (iptables), you must whitelist in BOTH places.

Verify correct port configuration

Action:
Ensure your firewall allows traffic to the port your postback endpoint uses (typically port 443 for HTTPS or port 80 for HTTP).

💡 Tip: Most postback endpoints use HTTPS (port 443). If your endpoint uses a custom port, make sure that port is open for inbound traffic from Everflow IPs.

Check for conflicting deny rules

What to look for:
Firewall rules are evaluated by priority. A "deny all" rule with higher priority can block Everflow IPs even if they're in your allowlist.

Fix:
Ensure your Everflow IP allow rules have a higher priority (lower number in AWS/Azure) than any broad deny rules.

2️⃣ Response Code Validation

Check for 200 OK responses in Everflow

Where to check:
In Everflow, navigate to: Reporting → Partner Postback Report

What you're looking for:
• Response Code: 200 or 300-series = Success ✅
• Response Code: 4xx (400, 403, 404) = Endpoint issue or firewall block ⛔
• Response Code: 5xx (500, 502, 504) = Server error ❌
• No Response / Timeout = Firewall blocking silently 🚫

💡 What 200 OK means: Your advertiser's server received the postback and successfully processed it. This confirms IPs are whitelisted correctly.

Review Debug Info for failed postbacks

How to access:
In the Partner Postback Report, click the ⋮ menu on any row → Select "View Debug Info"

Look for clues:
• "Connection refused" = Firewall is blocking
• "Connection timeout" = Server not reachable or firewall dropping packets
• "403 Forbidden" = Server received request but denied it (check IP whitelist on server)
• "SSL handshake failed" = Certificate issue (see Layer 3)

Check your server's access logs

What to do:
Review your server's HTTP access logs to see if requests from Everflow IPs are arriving.

What you should see:

35.196.95.104 - - [06/Jan/2026:14:23:45] "POST /postback HTTP/1.1" 200 -

If you see nothing: The firewall is blocking before requests reach your server (Silent Blackout).

3️⃣ SSL & Protocol Integrity

Verify endpoint uses HTTPS

Why this matters:
Insecure http:// endpoints may be blocked by modern browser security or Everflow's "Force SSL" settings.

Action:
Confirm your postback endpoint URL starts with https:// not http://

⚠️ Critical for Finance/Healthcare: These verticals require HTTPS for compliance. Ensure your SSL certificate is valid and not expired.

Check SSL certificate validity

Test your certificate:
Use SSL Labs Test (ssllabs.com/ssltest) to verify your server's SSL configuration.

Common issues:
• Certificate expired
• Self-signed certificate (not trusted)
• Incorrect certificate chain
• TLS version mismatch (must support TLS 1.2+)

Diagnostic Progress: 0/9 Complete

Request IT Support

If your technical team handles firewall configuration, use this template generator to create a professional, complete request email with all necessary details:

📧 IT Team Email Template Generator

Generate a ready-to-send email requesting your IT team whitelist Everflow's server IPs

Customize Your Email

Your Name:

Your Company Name:

IT Contact Name (optional):

Advertiser/Partner Name (optional):

Postback Endpoint (optional):

📧 Your Email Template

🔗 Related Resources

Explore these related articles to complete your postback configuration:

➔ Understanding Tracking With S2S Postbacks
➔ How To Test Partner Postbacks
➔ IP & Domain Whitelisting For Advertisers

Did This Help You Today?

Yes

Next in This Series

Lorem Ipsum Dolor Sit