Menu

Topic-icon Firewall crosscheck whitelist IPs?

More
1 month 1 week ago #7884 by Jose
Replied by Jose on topic Firewall crosscheck whitelist IPs?

I was commenting on what you said about Priority where you could set the first priority to Whitelist, which means any offending IP would be whitelisted, which makes no sense to me. Unless I'm misunderstanding how your Priority system works.

Yes, you misunderstood how the priority system works. Priority means the list that will be checked in first, second and third place when an IP visits the site.

Suppose we manually add the IP 2.1.1.1 to blacklist and whitelist. What happens if that ip visit our site? Will be blacklisted or whitelisted?
Suppose first priority is set to 'blacklist'. In this case 2.1.1.1 will be banned of our website even having the IP also in whitelist.
Now suppose first priority is set to 'whitelist'. In this case 2.1.1.1 will have access to our website even having the IP also in blacklist.

This isn't the case for my sites. In my experience a record of a failed login or multiple concurrent logins (by Super Users) still appears in the firewall log, even though the user's IP exists in the Whitelist. Have I configured it incorrectly?

There are some settings that have the ability to add IPS to blacklist or dynamic blacklist (for instance the user session protection). This feature allows you to add the IP to any of those lists, so you will see a log entry. But if your ip is into whitelist and first priority is 'whitelist' you should have access to the site.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • azurelinksc
  • azurelinksc's Avatar Topic Author
  • Offline
  • Junior Boarder
  • Junior Boarder
More
1 month 1 week ago #7887 by azurelinksc
Replied by azurelinksc on topic Firewall crosscheck whitelist IPs?
Ah, now I understand how it works. Thank you Jose! I'm wondering why the default first priority is "Blacklist"? That negates the whole point of having a whitelist. Seems like the default first priority ought to be "Whitelist" to avoid the sort of problems I was running into.

Please Log in or Create an account to join the conversation.

More
1 month 1 week ago #7888 by Jose
Replied by Jose on topic Firewall crosscheck whitelist IPs?
You're welcome!

You're right about setting whitelist at first place; I will change default settings in future version.

Regards,
Jose

Please Log in or Create an account to join the conversation.

More
1 month 1 week ago #7890 by Jose
Replied by Jose on topic Firewall crosscheck whitelist IPs?
Hi azurelinksc,

Since 3.2 version 'Whitelist' will be set as first priority.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • azurelinksc
  • azurelinksc's Avatar Topic Author
  • Offline
  • Junior Boarder
  • Junior Boarder
More
1 month 1 day ago #7900 by azurelinksc
Replied by azurelinksc on topic Firewall crosscheck whitelist IPs?
Thanks Jose! Glad to hear it!

Please Log in or Create an account to join the conversation.

More
1 month 1 day ago #7901 by Jose
Replied by Jose on topic Firewall crosscheck whitelist IPs?
Thank you very much to you for your suggestion! :)

Regards,
Jose

Please Log in or Create an account to join the conversation.

Time to create page: 0.096 seconds
Powered by Kunena Forum

Login or Sign In