Contact Us

support@onapp.com

U.S: (+1) 888-876-8666

UK: +44 (0) 203-318-5364

Remove Whitelist Requirement for Signin

Completed

Comments

6 comments

  • Avatar
    emerion WebHosting

    Hi, I don't know anything about a Whitelist requirement but our customers regularly lock themselves out because of the message being displayed that they should add their current IP to the whitelist or wait 30 seconds to discard this message.

    The problem with this is, that sometimes even experienced admins in this moment don't are aware that they blacklist every other IP if they add an IP to the whitelist!

    This should really be changed from forcing the customers to add a dynamic IP to the Whitelist to just notifying them!! Or at least warn them, that they blacklist every other IP with this action.

    Thanks,

    Alex

    0
    Comment actions Permalink
  • Avatar
    Alan Ritari

    We would also like to be able to disable IP whitelisting, for the reasons mentioned in this thread.  To summarize:

    • We need to connect from arbitrary IPs, often not known in advance.
    • Whitelisting any single address locks everyone else out.
    • It is too easy for clients to lock us out.

    I see this thread has been sitting for 7+ months since the last comment.  Is this feature under consideration? 

    0
    Comment actions Permalink
  • Avatar
    Alan Ritari

    In further testing, I've realized an important misunderstanding on my part.  Whitelisting is scoped to individual user accounts.  (We didn't notice this at first because we used a shared admin account while spinning up our first cloud.)  Scoping reduces the pain significantly, especially since we've moved to a one-account per person model.  We would still like the ability to turn off whitelisting entirely, in order to avoid the modal window.  Thanks for considering.

    0
    Comment actions Permalink
  • Avatar
    Layla Abdullayeva

    Hi,

    IP whitelisting is managed by permissions and can be easily disabled per role.

    0
    Comment actions Permalink
  • Avatar
    Stuart Haresnape

    Hi guys

    There are probably some enhancements that we could make to this functionality to make it more usable. We aren't going to develop this so that it allows more ease of use for shared accounts because this is inherently insecure anyway but we can probably make it easier for users to add new IP addresses if they have already whitelisted an IP.

    As Layla pointed out you can disable whitelisting per role. You can also add 0.0.0.0/0 to your whitelist if you want to so there are a few ways to work around it. We'll add something to the roadmap to enhance the usability but it's not considered urgent from our perspective.

    Regards

    Stuart 

    0
    Comment actions Permalink
  • Avatar
    emerion WebHosting

    Hello,

    for us this is a quite serious issue, because the message is annoying if you have to do something in a hurry and customers lock themselves out every now and then by whitelisting a dynamic IP.

    I confirm, that this brings very much security, but for some customers it is impossible to whitelist an IP because they just don't have a static IP!

    The only solution I finally read in the last comment is, that such customers could whitelist 0.0.0.0/0 - that was new to me. But I am asking myself where we could put this information so our customers can find it.

    I don't want to disable this feature completely for our customers role, because it is a security-feature. But I want a possibility to click away the annoying warning message without having to wait 20 seconds!!

    Regards,

    Alex

    0
    Comment actions Permalink

Please sign in to leave a comment.