Sometimes you do not want to block certain IPs or domain names. For example, you don't want to block Google Bot, MSN (Bing) Bot, a third party site management service, a third party CDN service you are using and so on. You can easily add Exceptions from blocking. You can set the following options to prevent Admin Tools from blocking certain IPs and domain names:
Enter a comma-separated list of IPs which should never
be automatically blocked. For example, such a list can be
127.0.0.1, 188.8.131.52 Moreover, you can
use IP ranges (e.g.
implied IP range notation (
127.0.0. for the
entire 127.0.0.1 to 127.0.0.255 block) and CIDR block notation
127.0.0.0/8) on top of plain old IP
Finally, you may enter a dynamic IP domain name prefixed
by the at-sign. This only applies if you are using a dynamic
IP address domain provider (e.g. DynDNS). For example, if you
are using DynDNS and your dynamic IP address domain name is
example.dyndns.info you can enter
@example.dyndns.info to whitelist your
dynamic IP address. Be careful to enter the correct domain
name or you may have a delay of up to 30" processing security
If you are using the whitelist feature to allow access to the administrator section of your site only to specific IPs, these IPs are automatically added to the safe list of IPs which should never be automatically blocked.
IPs added to this list are fully white-listed. This means that no security measure will be applied against them. Please place only very well trusted IPs in this list! If an attack is launched from this IP, it will not be blocked by Admin Tools!
If the IP address of the visitor who raised a security exception resolves to a domain name ending in what you enter here they will not be blocked. Effectively, these domain names have a free pass on your site.
Malicious URLs from these domain names WILL be blocked but a. this will not be logged and b. their IP address will not be automatically blocked by the "Auto-ban Repeat Offenders" feature below. This is done to protect your site against reflected search engine attacks. Let us explain this.
Some hackers try to exploit search engines' eagerness to scan URLs, crafting malicious URLs to your site and putting them on their own sites. Search engines will see them and try to visit them on your site. You are whitelisting these search engines as you don't want to lock them out of your site. If the malicious URL wasn't blocked just because the request comes from a seemingly innocent source your site would be instantly hacked. That's why the malicious URLs are still blocked, just not logged or cause IP addresses to be automatically banned.
Enter a comma separated list of the domain names you
want to whitelist. The default value is
.googlebot.com,.search.msn.com which whitelists
the search engine indexers Google Bot (used by Google Search)
and MSN Bot (used by Bing).