Applies to: Syncplify.me Server!
Version(s): 4.x - 5.x


Up to version 3.x, Syncplify.me Server! featured a black-list and a white-list. The black-list is where all “bad guys” would end up if they tried attacking the server (DoS, DDoS, password harvesting, …) while the white-list was used for a much more restrictive purpose. In fact – when enabled – the white-list would allow clients to connect  only if their IP address was in the white-list. Enabling the white-list, practically, means permanently black-listing anyone who is not on in the white-list.


Although the black/white concept was good enough for most installations, we figured that we could make it even more flexible. That’s why in version 4.0, Syncplify.me Server! introduces a third list, called  safe-list. Here’s how the 3 lists work:


BlackList: any IP address (e.g.: 192.168.1.35) or network (e.g.: 10.23.5.0/255.255.255.0) listed in the black-list will be rejected


WhiteList: if this list is not empty, then only the IP addresses and networks in this list will be allowed to connect, and anyone else’s connection attempt will be rejected (also, it is important to understand that whitelisting an IP address does not prevent it from being blacklisted, see the safe-list here below for that)


SafeList: IP addresses and networks listed in the safe-list will never be blacklisted, even if they perform actions that may be interpreted as attacks, for example, if they connect and disconnect without attempting authentication (typical behavior of a load balancer)

 

Clever use of the 3 above lists guarantees enough flexibility to satisfy a much wider variety of situations than any previous version of Syncplify.me Server!