diff --git a/ykval-config.php b/ykval-config.php
index c4093f4..288103d 100644
--- a/ykval-config.php
+++ b/ykval-config.php
@@ -11,6 +11,10 @@ $baseParams['__YKVAL_DB_OPTIONS__'] = array();
 $baseParams['__YKVAL_SYNC_POOL__'] = array("http://1.2.3.4/wsapi/2.0/sync",
 "http://2.3.4.5/wsapi/2.0/sync",
 "http://3.4.5.6/wsapi/2.0/sync");
+# An array of IP addresses allowed to issue sync requests
+$baseParams['__YKVAL_ALLOWED_SYNC_POOL__'] = array("1.2.3.4",
+ "2.3.4.5",
+ "3.4.5.6");
 # Specify how often the sync daemon awakens
 $baseParams['__YKVAL_SYNC_INTERVAL__'] = 10;
diff --git a/ykval-sync.php b/ykval-sync.php
index 69dc170..8baae97 100644
--- a/ykval-sync.php
+++ b/ykval-sync.php
@@ -15,6 +15,25 @@ if (! $sync->isConnected()) {
 exit;
 }
+#
+# Verify that request comes from valid server
+#
+
+$sync->log('notice', 'remote request ip is ' . $_SERVER['REMOTE_ADDR']);
+$allowed=False;
+foreach ($baseParams['__YKVAL_ALLOWED_SYNC_POOL__'] as $server) {
+ $sync->log('notice', 'checking against ip ' . $server);
+ if ($_SERVER['REMOTE_ADDR'] == $server) {
+ $sync->log('notice', 'server ' . $server . ' is allower');
+ $allowed=True;
+ break;
+ }
+}
+if (!$allowed) {
+ sendResp(S_OPERATION_NOT_ALLOWED, $apiKey);
+ exit;
+ }
+
 #
 # Define requirements on protocoll
 #
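Review bot: The comment on `__YKVAL_ALLOWED_SYNC_POOL__` in ykval-config.php does not say how the entries are matched, and the check in ykval-sync.php compares each one as a plain string with `$_SERVER['REMOTE_ADDR']`. Hostnames and CIDR ranges will therefore never match, and an empty array refuses every sync request. I would extend the comment to `# IP addresses allowed to issue sync requests. Each entry must equal the peer address the web server reports in REMOTE_ADDR; hostnames and CIDR ranges are not matched, and an empty array refuses all sync requests.` The list also repeats the hosts already named in `__YKVAL_SYNC_POOL__`, so the comment should tell operators to keep the two in step. If the validation server sits behind a reverse proxy, REMOTE_ADDR is the proxy's address and this list cannot tell peers apart, which is worth stating in the same comment.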
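Review bot: The refusal branch in ykval-sync.php calls `sendResp(S_OPERATION_NOT_ALLOWED, $apiKey)` and exits without a log entry of its own. The accepted path, by contrast, writes a notice for every allowlist entry it compares, so the one event an operator needs for detection is the one that is hardest to find. A config file written before this commit has no `__YKVAL_ALLOWED_SYNC_POOL__` key, so the `foreach` would run over an undefined value; that still refuses the request, but only by way of a PHP warning. The rewrite below defaults to an empty list, replaces the loop and its loose `==` with a strict `in_array`, and logs the refused address once. `$apiKey` is not assigned inside this hunk, so confirm it is set before this point in the file.

```php
$remoteIp = $_SERVER['REMOTE_ADDR'];
$allowedPool = isset($baseParams['__YKVAL_ALLOWED_SYNC_POOL__'])
  ? $baseParams['__YKVAL_ALLOWED_SYNC_POOL__']
  : array();
if (!in_array($remoteIp, $allowedPool, true)) {
  $sync->log('notice', 'sync request refused, ip ' . $remoteIp . ' is not in the allowed pool');
  sendResp(S_OPERATION_NOT_ALLOWED, $apiKey);
  exit;
}
```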