Author Topic: CWP Support IP's?  (Read 5553 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
CWP Support IP's?
« on: March 30, 2020, 04:03:13 PM »
I'm setting up my FireWall whitelist and I'm thinking it might be a good idea to explicitly allow in all CWP Support IPs...

but I can't find this suggestion or info mentioned anywhere. 

Should I do this... or does CWP Support have some other way into my box around my firewall?

Note: I'm intending on closing down all ports besides 80 & 443 for public access, but I'll allow my home IP full access (via the WhiteList) - this is where I'm thinking that CWP Support should also share this same open access as me.

Correct?


Offline
*
Re: CWP Support IP's?
« Reply #1 on: April 01, 2020, 06:19:51 AM »
I'm setting up my FireWall whitelist and I'm thinking it might be a good idea to explicitly allow in all CWP Support IPs...

but I can't find this suggestion or info mentioned anywhere.
I think you should check out:
Code: [Select]
cat /scripts/install_supportKey;)

Offline
*
Re: CWP Support IP's?
« Reply #2 on: April 12, 2020, 07:49:10 PM »
Excellent!  The script takes a more comprehensive approach than my simply manually adding in the IP to the csf whitelist...

... looking through the script, I have an issue with CWP using "root" to sign-in to my server... I'd much prefer them using a user name with an ssh key combo that I assign them... this name either being in the wheel group, or requiring/allowing this user to su.  This creates a clearer log record of who's doing what when, etc.  A separate issue for a separate post...

But now they're in my whitelist... great... thank you!

(Maybe I need to start looking through all this other big content in this /scripts folder - are these scripts documented anywhere else?)