diff --git a/ennstatus/api/auth.py b/ennstatus/api/auth.py new file mode 100644 --- /dev/null +++ b/ennstatus/api/auth.py @@ -0,0 +1,13 @@ +from flask import current_app +from flask.ext.httpauth import HTTPDigestAuth + +httpauth = HTTPDigestAuth() + + +@httpauth.get_password +def get_pw(username): + + if username in current_app.config['ENNSTATUS_SERVERS']: + return current_app.confg['ENNSTATUS_SERVERS'][username]['PASSWORD'] + + return None diff --git a/ennstatus/api/views.py b/ennstatus/api/views.py --- a/ennstatus/api/views.py +++ b/ennstatus/api/views.py @@ -12,7 +12,7 @@ import pygeoip from ennstatus.status.functions import (single_server, all_servers, all_servers_by_type) from .model import Server - +from .auth import httpauth api_page = Blueprint('api', __name__) gi4 = pygeoip.GeoIP('/usr/share/GeoIP/GeoIP.dat', pygeoip.MEMORY_CACHE) @@ -20,18 +20,25 @@ gi6 = pygeoip.GeoIP('/usr/share/GeoIP/Ge @api_page.route('/update', methods=('POST',)) +@httpauth.login_required def update(): current_app.logger.info('Handling update') - if current_app.debug: - accepted_ips = ['127.0.0.1'] - else: - accepted_ips = current_app.config.get('ENNSTATUS_ACCEPTED_IPS', []) + + try: + servers = current_app.config['ENNSTATUS_SERVERS'] + except KeyError as e: + current_app.logger.error(str(e)) + return abort(500) - if request.remote_addr not in accepted_ips: - current_app.logger.warn('Unallowed IP %s tried to update data!' - % request.remote_addr) - return 'IP not allowed!\n', 403, {'Content-Type': 'text/plain'} + try: + if request.remote_addr not in servers[httpauth.username()]['IPS']: + current_app.logger.warn('Unallowed IP %s tried to update data!' + % request.remote_addr) + return 'IP not allowed!\n', 403, {'Content-Type': 'text/plain'} + except KeyError as e: + current_app.logger.error(str(e)) + return abort(500) data = request.get_json() diff --git a/requirements.in b/requirements.in --- a/requirements.in +++ b/requirements.in 
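Review bot: `current_app.confg` in the return line of `get_pw` is a typo for `current_app.config`, so every lookup for a configured username raises AttributeError and the request fails with a 500 instead of authenticating; only unknown usernames reach `return None`. The line should read `return current_app.config['ENNSTATUS_SERVERS'][username]['PASSWORD']`. The membership test above it indexes `config['ENNSTATUS_SERVERS']` directly, so a deployment without that key raises KeyError inside the auth callback rather than taking the logged 500 path that `update()` has; `current_app.config.get('ENNSTATUS_SERVERS', {})` would reject the login cleanly. Digest auth with a `get_password` callback needs the cleartext password on the server, so the config file holding these entries should be readable only by the service account and kept out of version control.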
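Review bot: The warning logged on an IP mismatch in `update()` records only `request.remote_addr`; because `@httpauth.login_required` has already passed at that point, this branch means valid credentials were presented from an address not listed for that server, and the log should say whose they were. Something like `current_app.logger.warning('Unallowed IP %s tried to update data as %s!', request.remote_addr, httpauth.username())` makes the event attributable. The two `except KeyError` handlers log `str(e)`, which is only the missing key name, so a message naming the misconfigured setting would be easier to act on. If the app is deployed behind a reverse proxy (not visible here), `request.remote_addr` is the proxy's address and the per-server `IPS` lists would need the forwarded address handled explicitly. `update()` continues past the end of the hunk.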
@@ -1,4 +1,5 @@
 Flask-Bootstrap==3.3.5.6
+Flask-HTTPAuth==2.6.0
 Flask-Mail==0.9.1
 Flask-Moment==0.5.1
 Flask-WTF==0.12
diff --git a/requirements.txt b/requirements.txt
--- a/requirements.txt
+++ b/requirements.txt
@@ -7,6 +7,7 @@
 blinker==1.4 # via flask-mail
 dominate==2.1.12 # via flask-bootstrap
 Flask-Bootstrap==3.3.5.6
+Flask-HTTPAuth==2.6.0
 Flask-Mail==0.9.1
 Flask-Moment==0.5.1
 Flask-WTF==0.12