Closed Bug 1470950 Opened 7 years ago Closed 7 years ago

Add detectportal.firefox.com and getpocket.cdn.mozilla.net to proxy whitelist

Categories

(Infrastructure & Operations :: Proxy ACL Request, task)

Product:
Infrastructure & Operations
Component:
Proxy ACL Request
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: zmullaly, Assigned: cknowles)

Details

Attachments

(1 file)

bug1470950-updatedwhitelist.diff
3.79 KB, patch
claudijd
: review+
Details | Diff | Splinter Review
There has been some traffic coming out of a data center triggering an alert in MozDef. Specifically, CONNECT requests for getpocket.cdn.mozilla.net and GET requests for http://detectportal.firefox.com/success.txt are resulting in Status 403 - Forbidden.
Could we please get these Mozilla domains added to our global white-list to reduce this noise?
Whitelisted the destinations in puppet.git via 35af2104a747d834f7044aa29d62253bbe8da303, pushed to mdcX. Letting SCL3 pick it up on its own.
Assignee: infra → bhourigan
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Was browsing around the proxy rules when I found these duplicated entries. They were added to each proxy definition, rather than the global white list. Attached is a proposed path to remove the redundant entries, and have it in the global whitelist. Let me know what you think
Assignee: bhourigan → cknowles
Status: RESOLVED → REOPENED
Flags: needinfo?(zmullaly)
Flags: needinfo?(jclaudius)
Attachment #9012860 - Flags: review?(jclaudius)
Resolution: FIXED → ---
Flags: needinfo?(jclaudius)
Attachment #9012860 - Flags: review?(jclaudius) → review+
Found several others that fall into this category. Am closing this out in favor of the more general bug 1494961
Status: REOPENED → RESOLVED
Closed: 7 years ago7 years ago
Resolution: --- → FIXED
Flags: needinfo?(zmullaly)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: