- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Practical Tutorial
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Report Download APIs
- Scan Task APIs
- Risk Center APIs
- DescribeRiskCenterAssetViewCFGRiskList
- DescribeRiskCenterAssetViewPortRiskList
- DescribeRiskCenterAssetViewVULRiskList
- DescribeRiskCenterAssetViewWeakPasswordRiskList
- DescribeRiskCenterPortViewPortRiskList
- DescribeRiskCenterVULViewVULRiskList
- DescribeRiskCenterWebsiteRiskList
- DescribeScanReportList
- ModifyRiskCenterRiskStatus
- DescribeRiskCenterServerRiskList
- Asset Center APIs
- Solid Protection APIs
- Cloud Security Center Overview APIs
- Data Types
- Error Codes
- Related Protocol,
- FAQs
- Glossary
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Practical Tutorial
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Report Download APIs
- Scan Task APIs
- Risk Center APIs
- DescribeRiskCenterAssetViewCFGRiskList
- DescribeRiskCenterAssetViewPortRiskList
- DescribeRiskCenterAssetViewVULRiskList
- DescribeRiskCenterAssetViewWeakPasswordRiskList
- DescribeRiskCenterPortViewPortRiskList
- DescribeRiskCenterVULViewVULRiskList
- DescribeRiskCenterWebsiteRiskList
- DescribeScanReportList
- ModifyRiskCenterRiskStatus
- DescribeRiskCenterServerRiskList
- Asset Center APIs
- Solid Protection APIs
- Cloud Security Center Overview APIs
- Data Types
- Error Codes
- Related Protocol,
- FAQs
- Glossary
This document will provide you with a detailed guide on how to add Tencent CSC's monitoring IP to the allowlist.
Overview
CSC uses simulated hacker intrusion attacks during asset discovery and risk monitoring through the public network. If your server is equipped with security protection or monitoring deployment (such as WAF), it is recommended to add Tencent Cloud CSC's monitoring IP to the allowlist, enabling scan access permissions to ensure the normal running of the monitoring service. The IPs of the CSC scanning node are:
129.211.162.110
129.211.162.87
129.211.163.253
129.211.164.19
129.211.166.123
129.211.167.182
129.211.167.200
129.211.167.70
129.211.162.158
129.211.162.23
129.211.166.134
129.211.167.108
129.211.167.181
129.211.166.142
129.211.166.163
129.211.167.128
129.211.167.166
43.139.244.231
43.139.243.246
If your website requires log-in access, you should first disable the security policy to allow all IPs to access it. Once your cookie's validity has been verified, you can restore the IP limits.
Directions
Note
Applicable to Tencent Cloud WAF. If you are using a different WAF product, add the necessary configurations accordingly.
WAF has been purchased.
You have added a protected domain name and connected it properly. The domain name is under proper protection, and the BOT management rules are enabled. For details, see getting started.
Method 1: Adding to the Allowlist through IP Query
1. Log in to the WAF console. In the left sidebar, click IP Lookup.
2. On the IP query page, select the domain name to be protected in the upper left corner, enter the IP to be queried, and click Search.
3. In the query results, you can view the specific IP details. Click Add to blocklist/allowlist to manually add to the blocklist/allowlist.
4. On the IP addition to blocklist/allowlist page, you can manually add to the allowlist. Configure the relevant parameters and click Add to complete adding to the allowlist.
5. Parameter Description:
Category: Select Allowlist.
IP Address: Enter the address to be added to the allowlist.
Expire Time: Enter the expiration time for the allowlist.
Remarks: Custom description.
Method 2: Adding IPs Directly to the Allowlist
Log in to the WAF console. In the left sidebar, click Configuration Center > Blocklist to choose the domain to be protected in the upper left corner, and click IP Allowlist to enter the IP allowlist page.
Manually Adding to the Allowlist
1. On the IP allowlist page, click Add address to enter the add to allowlist page.
2. On the addition to allowlist page, configure the relevant parameters, and click OK.
Field Description
IP Address: Supports any IP address, such as 10.0.0.10 or FF05::B5. Supports CIDR format addresses, such as 10.0.0.0/16 or FF05:B5::/60. Use line breaks for separation, up to 20 entries at a time.
Note
When you select the domain name as ALL, the added IP addresses or ranges will be added to the global allowlist.
The domain name quotas in each edition are as follows: Premium Edition: 1,000 entries/domain name; Enterprise Edition: 5,000 entries/domain name; Ultimate Edition: 20,000 entries/domain. Each IP address or range occupies one entry in the quota.
Validity: effective permanently or within the limited time.
Remarks: Custom; within 50 characters.
Batch Importing to the Allowlist
1. On the IP allowlist page, click Import data, and the Import IP List window will pop up.
2. In the Import IP List window, click Import. Select the allowlist file to import, and after the upload is complete, click OK.
Method 3: Adding the Blocked IP to the Allowlist
1. Log in to the WAF console. In the left sidebar, choose IP Inquiry > Block Query.
2. On the query blocking page, enter the relevant information, and click Search to query the relevant IPs of the CSC. This allows you to perform the allowlist operation for the already blocked IPs.
Yes
No
Was this page helpful?