The docs indicate that there is a way to restrict access to the REST API (/tyk/*) by IP, but I cannot find a way to do this. Could someone tell me how this might be done? We are using version 2.8.3 if that helps.
Yes, you can set
control_api_port to have the APi listen on a protected port (which may be blocked by firewall)