Updated on 2024-04-15 GMT+08:00

Configuring the Login Whitelist

You can configure the IP addresses of destination servers, login IP addresses, login usernames, and user behaviors in the whitelist.

  • If the destination server IP address, login IP address, and username of a login are all whitelisted, this login will be allowed without checking.
  • After an IP address is added to a whitelist by following the instructions in Adding Login Information to the Login Whitelist, the alarms (if any) that have been generated for the IP address will not be automatically cleared. Handle the alarms by referring to Viewing Intrusion Alarms.

You can add login information to the login whitelist in the following ways:

  • Add it to the whitelist when handling false alarms of the Brute-force attack and Abnormal login types. For details, see Viewing Intrusion Alarms.
  • Add it to the login whitelist on the Login Whitelist tab.

Constraints

Any of the premium, WTP, or CGS editions must be enabled.

Adding Login Information to the Login Whitelist

  1. Log in to the management console.
  2. In the upper left corner of the page, click , select a region, and choose Security > Host Security Service.
  3. Choose Detection > Whitelists > Login Whitelist to access the Whitelists page, and click Add.
  4. On the displayed page, enter the server IP address, login IP address, and login username.

    Table 1 Login security whitelist parameters

    Parameter

    Description

    Example Value

    Server IP Address

    • IPv4 addresses are supported
    • Single IP addresses, IP address segments, and masks are supported. Use commas (,) to separate them.
    • 192.168.1.1
    • 192.168.2.1-192.168.6.1
    • 192.168.7.0/24

    Login IP Address

    Login Username

    Current login username

    hss_test

  5. Click OK.

Other Operations

Removing login information from login whitelist

To delete a piece of login information from the whitelist, select it and click Delete, or click Delete in its Operation column.

Exercise caution when performing the deletion operation because it cannot be rolled back.