v.20.1New Feature

Add remote_url_allow_hosts section to config.xml for host restrictions

Published: November 25, 2025

Add section <remote_url_allow_hosts> in config.xml which restricts allowed hosts for remote table engines and table functions URL, S3, HDFS. #7154 (Mikhail Korotov)

Added a new <remote_url_allow_hosts> section in config.xml to restrict allowed hosts for remote table engines and table functions like URL, S3, and HDFS.

Why it matters

This feature enhances security by allowing administrators to control and limit which remote hosts can be accessed by ClickHouse when using URL-based table engines and table functions. It prevents unauthorized or unsafe remote data sources from being accessed, thereby reducing potential security risks.

How to use it

To use this feature, add the <remote_url_allow_hosts> section in your config.xml file and specify the allowed hosts. Only hosts listed in this section will be accessible for remote tables and the URL, S3, and HDFS table functions.

Related resources

Pull Request #7154