What DNS names to whitelist for the scanner?

  • Hey.

    When we’re working on sites, they’re usually behind authorisation. Sucuri is getting 401 Unauthorised.

    We’d like to whitelist your servers, but we don’t know what pools/names to use. We’ve found three lists so far (two from Google, one from a support question 2.5 years ago here), none of them currently work.

    What are the IPs/names to whitelist now?

    Also, since Apache’s AUTHZ_CORE now includes a “forward-dns” directive, it might be prudent to set up DNS names like whitelist1.sucuri.net, whitelist2.sucuri.net and so on, so that even when the IPs change, they’ll stay whitelisted once set up. Alternatively, a well-maintained entry named scanner.sucuri.net or something, with a fallback to that if you’re getting 401 (so that eventually this is the name Apache sees and can match).

    By the way, why didn’t sitecheck.sucuri.net through sitecheck4.sucuri.net work out? That was a lovely set of names to check against… Alas, still getting a 401 error report in Sucuri.

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘What DNS names to whitelist for the scanner?’ is closed to new replies.