Managing Login Whitelist¶
You can configure the IP addresses of destination servers, login IP addresses, login usernames, and user behaviors in the Login Whitelist.
Note
If the destination server IP address, login IP address, and username of a login are all whitelisted, this login will be allowed without checking.
After an IP address is added to a whitelist by following the instructions in Adding Login Whitelist, the alarms (if any) that have been generated for the IP address will not be automatically cleared. Handle the alarms by referring to Viewing Server Alarms.
You can add Login Whitelist in either of the following ways:
Add it to the Login Whitelist when handling false alarms of the Brute-force attack and Abnormal login types. For details, see Viewing Server Alarms.
On the Login Whitelist page, add Login Whitelist.
Adding Login Whitelist¶
Log in to the management console.
Click
in the upper left corner of the page, select a region, and choose Security > HSS. The HSS page is displayed.Choose Detection > Whitelists > Login Whitelist to access the Whitelists page, and click Add.
Figure 1 Adding Login Whitelist¶
On the displayed page, enter the server IP address, login IP address, and login username.
Table 1 Login security whitelist parameters¶ Parameter
Description
Example Value
Server IP Address
IPv4 addresses are supported
Single IP addresses, IP address segments, and masks are supported. Use commas (,) to separate them.
192.168.1.1
192.168.2.1-192.168.6.1
192.168.7.0/24
Login IP Address
Login Username
Current login username
hss_test
Remarks
Custom whitelist description
Test
Click OK.
Other Operations¶
Removing Login Whitelist
To delete a Login Whitelist, select the Login Whitelist to you want to delete and click Delete, or click Delete in the Operation column of the server IP address you want to delete in the Login Whitelist.
Note
Exercise caution when performing the deletion operation because it cannot be rolled back.