Managing Login Whitelist

You can configure the IP addresses of destination servers, login IP addresses, login usernames, and user behaviors in the Login Whitelist.

Note

  • If the destination server IP address, login IP address, and username of a login are all whitelisted, this login will be allowed without checking.

  • After an IP address is added to a whitelist by following the instructions in Adding Login Whitelist, the alarms (if any) that have been generated for the IP address will not be automatically cleared. Handle the alarms by referring to Viewing Server Alarms.

You can add Login Whitelist in either of the following ways:

  • Add it to the Login Whitelist when handling false alarms of the Brute-force attack and Abnormal login types. For details, see Viewing Server Alarms.

  • On the Login Whitelist page, add Login Whitelist.

Adding Login Whitelist

  1. Log in to the management console.

  2. Click image1 in the upper left corner of the page, select a region, and choose Security > HSS. The HSS page is displayed.

  3. Choose Detection > Whitelists > Login Whitelist to access the Whitelists page, and click Add.

    **Figure 1** Adding Login Whitelist

    Figure 1 Adding Login Whitelist

  4. On the displayed page, enter the server IP address, login IP address, and login username.

    Table 1 Login security whitelist parameters

    Parameter

    Description

    Example Value

    Server IP Address

    • IPv4 addresses are supported

    • Single IP addresses, IP address segments, and masks are supported. Use commas (,) to separate them.

    • 192.168.1.1

    • 192.168.2.1-192.168.6.1

    • 192.168.7.0/24

    Login IP Address

    Login Username

    Current login username

    hss_test

    Remarks

    Custom whitelist description

    Test

  5. Click OK.

Other Operations

Removing Login Whitelist

To delete a Login Whitelist, select the Login Whitelist to you want to delete and click Delete, or click Delete in the Operation column of the server IP address you want to delete in the Login Whitelist.

Note

Exercise caution when performing the deletion operation because it cannot be rolled back.