Adding Whitelists

Adding Hosts

To add hosts to the AP whitelist, simply:

1. Log into the AP gui

2. click on the AP tab

3. click on “blocking”

4. select the “whitelist” tab

5. At the bottom of the blocking window you will see the field “IP:”, enter the IP into that field

6. Optionally enter a reason for this entry in the “reason” field

7. Click the “Whitelist IP” button

---

Removing Hosts

To remove hosts from the AP whitelist, simply:

1. Log into the AP gui

2. click on the AP tab

3. click on “blocking”

4. select the “whitelist” tab

5. Scroll down to the IP you wish to remove

6. Click on the “-” button to the right of the IP you wish to remove from the whitelist.

---

Applying the Whitelist to the Firewall

By default hosts on the whitelist will not be shunned by the active response system. However they will not universally trusted by the firewall and will still be restricted based on your firewall policy. To allow a whitelisted host access to any port on the system, enable this option in AP: FW_WHITELIST

---

Applying the Whitelist to the WAF

By default hosts on the whitelist will not be shunned by the active response system. However they will not universally trusted and attacks from these IPs will still be blocked by the WAF. To trust all whitelisted hosts with the WAF enable this option in AP: MODSEC_00_WHITELIST