Advanced security, whitelist, and blacklist

Admins can control access to the helpdesk by using whitelists and blacklists to filter users by domain name, IP address, email address or language. These filters apply to user actions such as logging in, registering, and creating tickets (via email or the web).

Whitelist

Use a whitelist to explicitly allow access from trusted sources.

This is helpful when you want to restrict access to employees without needing to pre-create their user accounts. Any domain or IP not on the whitelist will be denied access.

Blacklisting

Use a blacklist to block unwanted access.

For example, if the help desk is for business customers only, admins can blacklist public email domains like gmail.com or hotmail.com. Users from those domains won't be able to submit tickets, register, or log in.

Adding a blacklist or whitelist

Admins can follow these steps to control who can access the help desk:

  1. Go to Admin settings > Account > Security
  2. Scroll down to White & blacklists
  3. Click on the desired tab. Below are the available options:
    • Domain names
    • IP Addresses
    • IP Addresses For Staff
    • Email Addresses
    • Languages
  4. Click on the + icon
  5. Enter the value that needs to be added to the whitelist or blacklist, and hit enter. Repeat as needed
  6. Click save

Note: Both whitelist and blacklist can be used at the same time. When determining which are allowed or blocked, the blacklist always overrides the whitelist.

Misconfigured whitelists can lock out legitimate users. Always test with a non-admin account after changes.