All the requests sent from Uptime Robot are using pre-defined IPs to make sure that we all know the source of the requests.
A new IP block is being added to the system:
And, if exists, please make sure it is whitelisted in your firewalls.
Also, the full list of the IPs used can be found here.
P.S.> If you had never needed to whitelist or take action regarding to Uptime Robot’s IPs in the past, then you probably don’t need to take any action and can ignore this info.
1. POC Time Plan To make your evaluation as efficient as possible it helps to sketch a rough time plan.
Uptime Robot treats all HTTP statuses equally. They mean either up or down… except HTTP 401.
HTTP 401 is expected in some situations and not expected in others. Currently, HTTP 401 is handled as:
- If auth info is mentioned in monitor’s settings but HTTP 401 is returned, monitor is marked as down
- if no auth info is mentioned but HTTP 401 is returned, it is marked as up
which looked like the best way at the early days of Uptime Robot.
Yet, there are edge cases on both scenarios like “a monitor with no auth info returning HTTP 401″ may also mean that the site/server is experiencing configuration issues and this must be detected as down.
As there is now a Pro Plan feature to customize HTTP statuses, Uptime Robot will start treating HTTP 401 just like other HTTP statuses (which are equal to or bigger than 400):
- will be considered as down by default no matter auth info exists or not
- if needed, it will be customizable with the HTTP status customization feature.
This change will give room to handling this HTTP status however preferred and the change is planned to go live on 1 March 2019.
We’re going on tour: Joining Mimecast for the RSA conference on 4-8 March 2019!
We’re super proud to have Mimecast (one of the leading email and data security company) as our channel-partner/reseller since June last year. Together we work towards effectively blocking impersonation, phishing, spoofing and malware attacks by combining email channel visibility and reporting with DMARC Analyzer, as well as Mimecast DMARC policies at the gateway and Mimecast® Targeted Threat Protection.
Our sales development representative, Danny Hoogeveen will be present at the conference together with Mimecast. Drop by our stand if you’re interested in a live demonstration, if you have questions or just to say hello.
The RSA conference takes place in San Francisco, between 4 and 8th of March and it’s gathering all cybersecurity professionals together in one place. We’re looking forward to meet friends among the security and protection aficionados present at the event. The topic of the RSA conference this year is Better, a theme which we strongly believe in as well. There are a lot of high quality speakers attending that will expose participants to better solutions and discussions about keeping the digital world safe.
The total number of attendees add up to 150,000, making this conference the only event that offers such a broad range of topics and valuable content presented by knowledgeable people. The speakers will cover topics from A.I to Cloud Computing, from cryptography to the future of data protection- worth checking out this event.
Let us know if you’re coming!
The post Meet DMARC Analyzer at the RSA conference on 4-8 March 2019 appeared first on DMARC Analyzer.
We’ve noticed that not all users take full advantage of the fact that you can add unlimited domains in your DMARC Analyzer account without additional costs.
Why is it important to add inactive or parked domains?
Most users will skip protecting these domains because they are not being used to send email and therefore believe it is not necessary to implement a DMARC policy for them. However, someone else might (try to) abuse these domains. Your inactive domains can just as easily be used for sending malicious emails and should therefore be secured too!
Securing your inactive domains is just as important as your primary domains. Here’s why:
- Your parked domains are just as vulnerable to attacks as your primary domains;
- It’s easy to protect inactive domains if they are not being used to send emails.
Great news: We’re offering a 90-Day challenge to help you enforce a 100% DMARC reject policy for all your parked domains!
The challenge starts as soon as you sign up! Are you ready to take this challenge and secured all of your domains?
The challenge has ended.
The post Join the 90-Day challenge to secure ALL your domains appeared first on DMARC Analyzer.