Network / Configuring IP filtering
Parent topic: Configuring IP filtering

Configuring a blacklist

A blacklist allows you to specify IP addresses that restrict access to the Cleo Harmony, Cleo VLTrader, and Cleo LexiCom applications through FTP/FTPs, SSH FTP/SSH FTPs, HTTP/HTTPs, along with general web UI access through the Cleo VLTrader or Cleo LexiCom and Cleo VLNavigator applications.

It is important to understand that blacklist entries will take higher priority than whitelist entries. For example, if an IP is on both lists, access is denied from that IP. Set up blacklisting by specifying parameters for automated blacklist additions or by manually adding IP addresses to the blacklist. Configure your blacklist on the Blacklist tab on the IP Filter dialog box.

Note: If your architecture includes a load balancer placed in front of the Cleo Harmony, Cleo VLTrader, Cleo LexiCom or Cleo VLProxy application, and the IP address sent to the Cleo Harmony, Cleo VLTrader, Cleo LexiCom or Cleo VLProxy application is the address of the load balancer rather than the originating source, blacklisting could possibly result in blocking all traffic through the load balancer. If you are using a load balancer, consider using the load balancer’s firewall capabilities to manage your blacklisting needs.
  1. In the web UI, go to Administration > Network > IP Filters. In the native UI, go to Tools > IP Filters.

    The IP Filters page appears.

  2. Click the Blacklist tab.
  3. Do one or both of the following:
    • Configure Automatic IP Blacklisting

      If Lock out IP is enabled, after the specified number of failed login attempts within the specified number of seconds, the IP is blacklisted for the specified number of minutes. If the minutes are not specified (the field is left blank), the IP is blacklisted until manually removed by the user.

      Select Blacklist REST API Requests to trigger automatic IP blacklisting for failed REST API requests.

    • Manually add IP addresses to the blacklist
      1. Click Add Blocked IP to display the New Blacklisted IP dialog box.
      2. In the IP field, enter an IP address you want to block.
      3. In the Until field, choose Forever to deny access to the IP address permanently or Never to never let the IP address be blacklisted.

        The other fields in the dialog box are read-only.

      4. Click OK.
  4. In the native UI, click Close to dismiss the IP Filters dialog box.
Parent topic: Configuring IP filtering
© 2018 Cleo. All rights reserved.