not sure if there’s an easy solution but thought i would ask?
Is it possible to have an option for users of siteworx to be able to remove their ip address that have been blocked by APF firewall.
It would save on support tickets when people are blocked etc.
This meant to end up in siteworx feature request, not sure how i managed to post in beer garden
can it be moved?
I am sorry, I cannot see how to move to siteworx area of forum on mobile version I am using.
Within APF, I think it is not possible
You could change APF to CSF and I think it is possible.
I cannot remember the user who made the easy installer but it’s in the forums or I can look up and post later when back
Thanks for your reply John
yes i have read its possible with CSF and i could use a plugin to use with WHMCS. Although not sure if i will be staying with WHMCS due to recent changes on my whmcs owned licence
think i would prefer to stay with APF as it works well with BFD, that’s why i was just asking if it was possible.
Can you expand a bit? I’m not entirely certain I understand. Are you asking for the ability for SiteWorx users to remove their IP address via SiteWorx if they are blocked by the firewall from accessing SiteWorx? I’m not certain how that would work.
yes ability for SiteWorx users to remove their IP address via SiteWorx if they are blocked by the firewall from accessing SiteWorx. not a great idea i know but cannot think of another way for users to unblock them self’s.
Its easy enough to change your ip address to be able to login to siteworx to remove the blocked ip.
So, to clarify, so I can run it by the devs if would be possible for a feature request, process would be:
-SiteWorx customer’s IP blocked in AWS
-SiteWorx customer changes their local IP address
-SiteWorx customer can now log into SiteWorx since new IP is not blocked
-Some option in SiteWorx to unblock their old IP
-SiteWorx customer can then switch back to their old local IP and log into SiteWorx
@IWorx-Jenna - sorry to be sure I understand AWS correctly - are you meaning amazon platform
@bear - sorry in UK, most broadband users are dynamic for external IP address, and in my experience, most users that have been locked out either open a ticket or telephone as they do not realise they have been blocked on IP address
Lastly, blocks normally seem to happen because of wrong email password (generally speaking), so unless the user finds what has blocked their IP address another block happens
This then causes frustration and the users simple blame the provider (you)
I missed the AWS part, not sure i understand that part.
Yes John you are correct in what you are saying, i generally receive an email and the first thing i do is check email logs to see why they have been blocked.
I think she meant APF. We use AWS for internal testing/VM stuff so it may just be muscle memory for her to type AWS.
There are a few things that would make such a feature difficult:
1.) We don’t provide the BFD package, which is the part that is doing the automated blocking. While a request to start providing it would be a valid request, it’s not installed by default, which would make it difficult to build/maintain features related to it.
2.) As explained here, this would almost certainly be a bad thing security-wise. This would make working around brute force detection a very simple task for any skilled attacker. For instance, an attacker gains or is given credentials to the server. They set up two boxes (or even a single box) on two different IP addresses. They can use the first IP to attempt to brute-force other accounts on the server and when they run into BFD, use the second IP to unlock themselves again. This would be trivial to do.
Point #2 likely could be mitigated in whatever was built, but given point #1, that becomes a lot more of climb.
Nevertheless, I’ll submit a chain of feature requests that would get us to that position and the dev team will grab them as they see fit.
Thanks for your suggestion.
Scrap that idea
i obviously didn’t think it through enough, i can see its more of a security risk and for a user who is not aware of what is causing their blocking issue. its a bit pointless.
i came across a WHMSC third party addon for submitting blocked ips for removal and at the time thought it would save users time by unblocking them self’s.
Appreciate all your comments to my question, thanks for your time.
I understand the pain point that inspired the request. I used to be a cPanel admin and “unblock me from the firewall” made up at least 25% of our support tickets. Trying to get some people to tell me their IP address was particularly painful. Ha ha.
I’d recommend that if your client has a “common” location that they access from and they are causing a large amount of support tickets, just add it to the whitelist. It’s slightly less secure but at least it requires something to be in a specific location (or appear to be there) which is an extra hoop to jump through.
Oh jeeze what a silly typo. I’ve typed AWS so many times in the last week, it seems my hands don’t know how to type other acronyms starting with “A”. Sorry for the confusion!