Whitelist

更新时间:2024-10-28 17:31:35

Whitelist can allow requests you trust to bypass all security policies. It can commonly be used in the following scenarios:

  • Allowing the IP addresses of your internal network or trusted suppliers.
  • Excluding low-risk internal operations from security policies to mitigate any impact on routine business activities.
  • Mitigating false positive situation: If your service request is mistakenly intercepted because it has certain attack characteristics, you can temporarily allow the requests to pass through Whitelist.

To configure Whitelist:

  1. Log in to the CDNetworks Console, find the security product in use under Subscribed Products.
  2. Go to Security part, Configurations > Policies.
  3. Find the hostname for which you want to configure security policies, click image.png.
  4. Go to Whitelist tab. If this policy is off, turn it on.

Create a Whitelist rule

  • On the Whitelist tab. Click Create.
  • In Rule Name, enter a name for the custom rule.
  • If you want, enter a Description.
  • At least one matching condition must be configured. If multiple values can be entered for the same matching condition, the relationship between these values is “or”. Please separate different values by line breaks. The supported matching conditions can be found in the Match Conditions.
  • If you want, add another rule condition. When you set multiple conditions, they’re strung together with an AND operator.
  • Select the action.
  • Click Confirm.
  • Click Publish Changes to make the configuration take effect.

Example

Allow requests that include ‘sysconf’ in the path and have a client IP of 1.1.1.1. Configuration is as follows:

  • Rule Name: whitelist_example
  • Match Conditions: IP/CIDR equals 1.1.1.1 AND Path contains sysconf
本篇文档内容对您是否有帮助?
有帮助
我要反馈
提交成功!非常感谢您的反馈,我们会继续努力做到更好!