ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

What are the permissions allowed to an IP added to CSF whitelist?

https://mail.forum.configserver.com/viewtopic.php?t=11269

Page 1 of 1

What are the permissions allowed to an IP added to CSF whitelist?

Posted: 04 Apr 2019, 15:55
by virtualorbis
Recently I had to add the IP of a customer's technician that had to make a vulnerability to my CSF whitelist
so he can complete the vulnerability test to one of my servers, because CSF was blocking it just when he
started a port scanning (which is good).

However he sent a report stating that a lot of ports are open, putting me to shame, and now I am wondering if I did something wrong.

If that is the case what are the recommended steps for this situations

Re: What are the permissions allowed to an IP added to CSF whitelist?

Posted: 09 Apr 2019, 04:20
by datalude
For a start he should be performing the penetration test as a hacker would see the server. Which means that he shouldn't have requested you to whitelist his IP address, in my opinion.
But as CSF is blocking IP addresses by assessing from the logs how often they hit the server, it still means the ports are open. If you're using those ports, they need to be open. No shame in that. If you're not using those ports, then they should be closed.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited