Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All
     

    Related Documentation

     

    Security Engine Whitelist Settings

    There are various types of whitelists to which you can add any valid IP address or CIDR block. To access the Whitelist screen, do the following:

    Navigate to Configuration > Security Engine > Whitelists. The following types of whitelists are available:

    • IP-Address-Based Whitelist: The IP addresses in this list will not trigger incidents. This list is intended for internal network traffic such as health checks and vulnerability scanners. Click Add New to enter IP addresses to be added to this list.
    • X-Forwarded-For / Location Header Address Exclusions: The IP addresses in this list are stripped off of the X-Forwarded-For header. This effectively trusts that the next IP address in the chain is a genuine address. Click Add New to enter IP addresses to be added to this list.

    Tip:

    • If you only provide an IP address without a subnet mask , a /32 mask (i.e. a single IP address) is implied. If you provide any other mask, it will be used instead.
    • You should enter values in a x.x.x.x/y format (the standard, dotted quad, ipv4 format).
    • Any CIDR block entered in dotted quad notation with a decimal prefix 1-32 is valid (x.x.x.x/x).

    Figure 1: Whitelists

    Whitelists
     

    Related Documentation

     

    Published: 2015-02-04