What are the permissions allowed to an IP added to CSF whitelist?

Post Reply
virtualorbis
Junior Member
Posts: 9
Joined: 24 Sep 2012, 15:58

What are the permissions allowed to an IP added to CSF whitelist?

Post by virtualorbis »

Recently I had to add the IP of a customer's technician that had to make a vulnerability to my CSF whitelist
so he can complete the vulnerability test to one of my servers, because CSF was blocking it just when he
started a port scanning (which is good).

However he sent a report stating that a lot of ports are open, putting me to shame, and now I am wondering if I did something wrong.

If that is the case what are the recommended steps for this situations
datalude
Junior Member
Posts: 7
Joined: 09 Apr 2019, 03:13

Re: What are the permissions allowed to an IP added to CSF whitelist?

Post by datalude »

For a start he should be performing the penetration test as a hacker would see the server. Which means that he shouldn't have requested you to whitelist his IP address, in my opinion.
But as CSF is blocking IP addresses by assessing from the logs how often they hit the server, it still means the ports are open. If you're using those ports, they need to be open. No shame in that. If you're not using those ports, then they should be closed.
Post Reply