Switching Increased Protection Against Cross-Site Scripting (Xss) On/Off; Ip Blacklist And Whitelist As Protection Against Attacks From The Internet - Auerswald COMpact 3000 analog Operating Manual

Switching Increased Protection against Cross-Site Scripting (XSS) On/Off

To protect against Cross-Site Scripting, certain special characters may not be entered in the
configuration manager. If increased protection against Cross-Site Scripting has been enabled,
additional special characters are added to the list of restricted special characters.
Switching this on/off can be done as follows:
• Via the configuration manager
Requirements:
– Configuration manager, opened with sufficient authorisation
1. Open the page CONFIGURATION > Server configuration > Network.
2. Select or clear the Increased protection (against XSS) check box under Webserver
configuration.
Enables increased protection against Cross-Site Scripting (XSS). The following
characters are not approved for the configuration manager. If entered, they will
be identified as prohibited characters and cannot be saved:
generally prohibited characters
Disables increased protection against Cross-Site Scripting (XSS). The
following characters are not approved for the configuration manager. If
entered, they will be identified as prohibited characters and cannot be saved:
' $ % < > \ [ ] ^ {
Further steps:
– Save your settings before you leave the page.

IP Blacklist and Whitelist as Protection Against Attacks from the Internet

As soon as the PBX is connected to the Internet, it is at risk of being attacked, for example by
DoS (Denial of Service) attacks or attacks aimed at the internal SIP server, that come via the
Internet.
To prevent this, you can enable an IP blacklist.
COMpact 3000 analog/ISDN/VoIP - Firmware V4.0 - Operating Manual V06 12/2020
Switching Increased Protection against Cross-Site Scripting (XSS) On/Off
" ' $ % < > \ [ ] ^ {
}.
Internet Access
# & + / and the
}.
Settings
"
353