Controlling Access to the Site by IP Address

By default, all IP addresses are granted access to EFT Server. EFT Server allows you to grant access to only one specific IP address or a range of IP addresses, or deny access to one specific address or a range of addresses. EFT Server controls access on the Server, Site, Settings Template, and user account.

The IP access/ban list consists of a multiple, prioritized list of IP addresses, with each IP address designated as either allowed (whitelisted) or denied (blacklisted):

The diagram below provides a logic flow of EFT Server's IP address ban process.

chart_ipbanlist.png

icon_info.gif

IP address policy changes are propagated to the DMZ Gateway whenever the policy is modified in the administration interface or by the auto-ban logic.

To grant/deny access by IP Address on a Site

  1. In the administration interface, connect to EFT Server and click the Server tab.

  2. In the left pane, click the Site, then click the Connections tab.

  3. In the Network Usage and Security Settings area, next to IP access/ban list, click Configure. The IP Access Rules dialog box appears.

    The Auto-banned IPs Rule is defined by default. Any IP address that is banned automatically by the system is denied access, until an administrator removes it from the Autoban List.

  4. Click OK to close the IP Access Rules dialog box.

  5. Click Apply to save the changes on EFT Server.

icon_info.gif

If an IP address appears in this list that should not have been banned, you can delete it from the list by clicking it, then clicking Remove.

For more information about how IP addresses are banned, refer to Disconnecting Users after a Defined Number of Invalid Commands, Banning an IP Address that Uses an Invalid Account, and Flooding and Denial of Service Prevention.

Related Topics

Controlling IP Access for Remote Administration

Controlling User Access by IP Address