Restoring Access After Applying a Full-Deny IP Access Control Rule on a ServiceNow Instance<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #7057C7; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: block; max-width: ; width: auto; height: auto; } } Issue Definition: When testing IP Access Control (IPAC) on a ServiceNow instance (typically a DEV or TEST instance), administrators may configure a rule to deny access to all IP addresses (e.g., 0.0.0.0 - 255.255.255.255).This action can result in complete loss of access to the instance for all users, including administrators, with no ability to reverse the change through the UI. Resolution: If access is unintentionally blocked due to an overly restrictive IPAC rule: Do not panic. ServiceNow provides a recovery mechanism via the HI Support team. Contact ServiceNow HI Support immediately by: Logging a case via the HI portalProvide the instance name and the approximate time of rule application.The HI team will assist in removing or modifying the IP Access Control rule to restore access. 🔐 Best Practice Tip: Always include a fail-safe IP allowlist rule (e.g., your own IP or a trusted subnet) before applying a full-deny rule to avoid being locked out.