Defining the allowlist

As an administrator, you can restrict access to CES through approved hosts only. This adds a layer of security against host header poisoning attacks. You can manage the approved hosts in a table. 

On the Allowlist tab, you can view the hosts. Some hosts appear by default and are tied to the machine on which CES is installed. These pre-approved hosts cannot be deleted and appear grayed-out in the table.

Turn on the Enable allowlist toggle switch to allow access to CES to only those hosts on the allowlist. Turning the switch off allows a user to access CES through any host.

You can perform the following actions only when you turn on Enable allowlist:

Purpose

Action

Add a host.

Click Add. Enter the relevant value and click image-2023-7-6_18-37-26.png.

Remove a host.

Click Delete.pngin the relevant row.

Delete one or more manually added hosts from the allowlist.

Select the checkboxes in the relevant rows and click Delete.

Refresh the records.

Click Refresh.png.


Important

  • We recommend that you exercise caution when turning on the Enable allowlist switch knowing that, once enabled, you will only be able to access CES through those hosts on the allowlist.
  • You can only delete those hosts that you have added.

Related topics

Defining-the-web-server-settings

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*