We are currently using the Braintree payment gateway plugin in our development environment to handle credit card payments. As part of our security measures, our security team has decided to implement country-level restrictions, limiting access to our development application until the website is officially launched. However, this change has inadvertently impacted the functionality of the Braintree payment method, causing it to stop working.

To resolve this, the security team has suggested that if you could provide the IP range(s) used by the Braintree plugin, they can whitelist these IPs to ensure that the payment method continues to function smoothly, even with the country-level restrictions in place.

Your assistance in providing this information would be greatly appreciated.

Here is my email: [email protected]

Thank you in advance for your help.

Can you use the CIDR format to specify the ranges to be blocked e.g. using the format 2100::/8 to specify the range 2100:: to 21ff:ffff:ffff:ffff:ffff:ffff:ffff:ffff as well as smnaller ranges e.g. 2001:4d48:cd21:8500::/56 for 2001:4d48:cd21:8500:: to 2001:4d48:cd21:85ff:ffff:ffff:ffff:ffff?

If CIDR is not supported, based on the response to the other question where IPv6 was briefly mentioned, would the range 2100::/8 be specified in the blocklist (or safelist) as 2100/21ff:0/ffff:0/ffff:0/ffff:0/ffff:0/ffff:0/ffff:0/ffff

Thank you.

How can I do so?

Ex: 10.10.0.1 – 10.10.255.254

Is it possible to create a custom pattern that includes multiple ranges? For example, could I create a rule for 36.96.0.0-36.223.255.255 and 59.192.0.0-60.31.255.255? Would a comma (,) or semi-colon (;) work to string multiple IP ranges together? If so, how many ranges can I include in a single rule? From a performance perspective would it be more efficient if I created a new custom pattern for each range?

Thanks!

Can’t turn off 2FA for admins.

“Allow remembering device for 30 days” sounds good so I don’t have to do the 2FA dance with every login. Not sure how this works, but I’m never remembered.

“Whitelisted IP addresses that bypass 2FA”: great idea. I whitelisted all the IPs in my ISP’s usual range. Got 2FA’ed again today and my IP has not changed. I’m smack dab in the middle of the range: xx.90.218.[0-255] (where xx is a two digit number). It’s on a line by itself. Just like the examples provided in the backend.

That’s two basic bugs in this security plugin.

I like your competitor, All in One Security. It works. Buggy security software makes my skin crawl.

122.248.245.244/32 O.K
54.217.201.243/32 O.K
54.232.116.4/32 (Faild with msg. IP is in the list)
192.0.80.0/20 O.K
192.0.96.0/20 O.K
192.0.112.0/20 O.K
195.234.108.0/22 O.K
192.0.96.202/32 (Faild with msg. IP is in the list)
192.0.98.138/32 (Faild with msg. IP is in the list)
192.0.102.71/32 (Faild with msg. IP is in the list)
192.0.102.95/32 O.K