Whitelisting Dynamic DNS hostnames

[msklut]

Any suggestions for whitelisting dynamic DNS hostnames?

Need this for cPhulk, ModSecurity and Mod Evasive? Based on ModSecurity reference manual, it looks like this can be done with 'SERVER_NAME'. Can anyone verify this?

 

[cPRex]

Hey there! I wouldn't expect these to be different than whitelisting any other hostname on the system. Since you'll want to be examining the hostname and not the IP address, any tool that will accept a domain name will work.

Unfortunately none of the tools you mention work with domain names as they all only scan IP addresses, so I don't have much help to provide with those. I do see that ModSecurity has the SERVER_NAME variable, but they don't provide any details on how to use that for blocking the incoming connections. mod_evasive documents their IP detection process here, and also has no mention of hostnames: GitHub - jzdziarski/mod_evasive: Apache mod_evasive module

 

[msklut]

Unfortunately none of the tools you mention work with domain names as they all only scan IP addresses, so I don't have much help to provide with those.

I noticed there was a feature request for whitelisting DDNS hostnames in cPhulk many years ago. Any idea if it's still in the works?

 

[cPRex]

I'll run that by the team in next week's features meeting!

 

[msklut]

I'll run that by the team in next week's features meeting!

Just following up to see if you had any updates since the meeting. Thanks!

 

[cPRex]

I did send it over to the team so they are aware it needs some action. At this point it's not up to me, but up to the developers to act on the request or not, so I likely won't have updates on it for a bit.

The best way to follow along is to comment on the feature request and then you'll receive a notification when there is a change to it.