Managing the Login Whitelist
You can configure the IP addresses of destination servers, login IP addresses, login usernames, and user behaviors on the Login Whitelist tab page.
You can:
- Add the false alarms of the Brute-force attack and Abnormal login types to the whitelist. For details, see Viewing Server Alarms.
- Add whitelist items on the Login Whitelist tab page.
Constraints
- If the destination server IP address, login IP address, and username of a login are all whitelisted, this login will be allowed without checking.
- To unblock IP addresses, add the IP address to the whitelist of the login security detection policy. For details, see Login Security Check.
Adding Login Whitelist
- Log in to the management console.
- In the upper left corner of the page, select a region, click
, and choose Security & Compliance > Host Security Service. - Choose Detection & Response > Whitelists. Click Login Whitelist and click Add.
Figure 1 Adding Login Whitelist
- (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
- On the displayed page, enter the server IP address, login IP address, and login username.
Table 1 Login Whitelist parameters Parameter
Description
Example Value
Server IP Address
IP address or subnet mask of the destination server.
- IP address: for example, 192.168.1.1 or 16A0::1
- IP subnet mask: for example, 192.168.7.0/24 or 16A0:10:AB00:1E::/64
192.168.1.1
Login IP Address
Login Username
Current login username
hss_test
Remarks
Custom whitelist description
Test
Handle historical alarms
After this option is selected, login alarms that have been generated will be synchronized.
Selected
- Click OK.
Removing an Item from the Login Whitelist
Exercise caution when performing this operation. Whitelisted login alarms cannot be restored after removal, and will be reported once triggered. Up to 1000 alarm whitelist items can be deleted under an account.
- Delete a login whitelist item
- In the Operation column a server, click Delete.
- On the Delete Whitelisted Login Item page, confirm the information to be deleted, enter DELETE, and click OK.
- Return to the login alarm whitelist. Verify that the deleted login whitelist item is not displayed in the list.
- Delete multiple login whitelist items
- Select whitelist items and click Delete above the list.
- On the Delete Login Alarm Whitelist page, confirm the information to be deleted, enter DELETE, and click OK.
- Return to the login alarm whitelist. Verify that the deleted login whitelist item is not displayed.
- Delete all login whitelist items
- Click Delete above the login whitelist.
- In the Delete All dialog box, confirm the information to be deleted, enter DELETE, and click OK.
- Return to the login alarm whitelist. Verify that the deleted login whitelist item is not displayed.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
