Allowlisting IP for External Vulnerability scanning

yzewdie · August 9, 2023, 7:53pm

Hi there,

We’re operating an SFCC shop, and we were in the midst of arranging AlertLogic External Vulnerability scanning for meaningfulbeauty.com. However, our initial scan hit a timeout error. After delving deeper, it’s become clear that we need to allowlist or include the IP addresses in the trusted IPs list within the Embedded CDN firewall settings.

Regrettably, when we tried to input their IP addresses, we encountered an error message stating that the IP range isn’t permitted by Cloudflare. We’ve already contacted the SFCC support team, and they directed us to get in touch with Cloudflare customer service.

Could you please assist us in adding the provided IP addresses?

204.110.218.0/23 - 512 IPs - 204.110.218.0-204.110.219.255
208.71.208.0/22 - 1024 IPs - 208.71.208.0-208.71.211.255
185.54.124.0/22 - 1024 IPs - 185.54.124.0-185.54.127.255

Best regards,
Yonathan

Cyb3r-Jak3 · August 9, 2023, 11:43pm

What was the Firewall rule syntax that you used to try and allow the IP addresses?

Laudian · August 10, 2023, 12:01am

What are you trying to achieve?

Running a scan for “Common TCP and UDP ports” and “Typically Vulnerable TCP and UDP ports” against Cloudflare’s network does not make much sense.

You should probably scan your own server by running it with your IP as the target, not the domain.

system · August 25, 2023, 12:01am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.