# Configuring Host-Based Security

You can use a firewall to restrict which hosts can access SingleStore. For example, if you’re running a SingleStore cluster on Amazon EC2, you can configure security groups to restrict network access by specifying allowed IP addresses or security groups.

You can also set the `bind-address` variable to restrict the range of IP addresses which are allowed to connect to SingleStore. For example, if you set it to `127.0.0.1`, you will only be able to connect to SingleStore locally. See `bind_address` in the [Non-Sync Variables List](https://docs.singlestore.com/db/v9.1/reference/configuration-reference/engine-variables/list-of-engine-variables/#non-sync-variables-list.md).

***

Modified at: June 22, 2022

Source: [/db/v9.1/security/configuring-host-based-security/](https://docs.singlestore.com/db/v9.1/security/configuring-host-based-security/)

(An index of the documentation is available at /llms.txt)