Nagios XI support forum site turns white

[ssax]

To make forward progress on your issue you will need to contact your security team and have them whitelist maxcdn.bootstrapcdn.com for our forums as the forum application we use uses it for the bootstrap functionality:

Code: Select all

<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32xxxxxxx+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxxxxxxIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>

We can submit the request to development but given you're the only one reporting the issue the request is likely going to be considered low priority, you'll get faster movement to your troubles by contacting your security team and having them whitelist it OR by accessing it from another system that doesn't have it blacklisted.

[rajasegar]

To make forward progress on your issue you will need to contact your security team and have them whitelist maxcdn.bootstrapcdn.com for our forums as the forum application we use uses it for the bootstrap functionality:

Code: Select all

<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32xxxxxxx+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxxxxxxIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>

We can submit the request to development but given you're the only one reporting the issue the request is likely going to be considered low priority, you'll get faster movement to your troubles by contacting your security team and having them whitelist it OR by accessing it from another system that doesn't have it blacklisted.

Security team is refusing to whitelist as they got complains the IP is used for phishing from our subsidiary. It was validated to be true.
Now they are asking for proof the site is not a phishing site anymore. Please assist on this.

[ssax]

If you go here:

Code: Select all

https://maxcdn.bootstrapcdn.com/

It will show you that it's The recommended CDN for Bootstrap, Font Awesome, Bootswatch and Bootstrap Icons.

Then go to the Nagios Support forums and view the page source to see this:

Code: Select all

<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32xxxxxxx+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxxxxxxIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>

The Nagios Support forums uses maxcdn.bootstrapcdn.com to download the bootstrap files the Forum needs to function.

I've submitted the feature-request to development:

Code: Select all

FR: Forums - Customer's system is preventing access to maxcdn.bootstrapcdn.com when accessing the forums because it flagging it as a blacklisted spam/phishing site - Please update PHP-BB or not use maxcdn.bootstrapcdn.com

You will need to access the site outside of your secure network OR have them whitelist the application. If they are unable to whitelist it for whatever reason you will need to access it outside of your secure environment until development stops using bootstrap in the forums (which isn't likely to happen soon).

Thank you!

[rajasegar]

If you go here:

Code: Select all

https://maxcdn.bootstrapcdn.com/

It will show you that it's The recommended CDN for Bootstrap, Font Awesome, Bootswatch and Bootstrap Icons.

Then go to the Nagios Support forums and view the page source to see this:

Code: Select all

<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32xxxxxxx+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxxxxxxIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>

The Nagios Support forums uses maxcdn.bootstrapcdn.com to download the bootstrap files the Forum needs to function.

I've submitted the feature-request to development:

Code: Select all

FR: Forums - Customer's system is preventing access to maxcdn.bootstrapcdn.com when accessing the forums because it flagging it as a blacklisted spam/phishing site - Please update PHP-BB or not use maxcdn.bootstrapcdn.com

You will need to access the site outside of your secure network OR have them whitelist the application. If they are unable to whitelist it for whatever reason you will need to access it outside of your secure environment until development stops using bootstrap in the forums (which isn't likely to happen soon).

Thank you!

The issue is I cannot transfer any files or anything out of my company notebook to my personal PC. Its all blocked. I can only type text or send screenshots only currently to this site. Hope this can be sorted out fast.

[ssax]

I apologize that you're having trouble with that process, I know that it can be frustrating to work in a situation like that so I definitely understand where you're coming from.

The feature-request has been submitted to development, I do not have an ETA of if/when that will occur but development has been notified of the request.

Thank you!

[rajasegar]

I apologize that you're having trouble with that process, I know that it can be frustrating to work in a situation like that so I definitely understand where you're coming from.

The feature-request has been submitted to development, I do not have an ETA of if/when that will occur but development has been notified of the request.

Thank you!

Security wants confirmation on that IP. Why it was used to launch a phishing attack on the bank?
Without getting a rock solid answer and preventive measures taken, no way they going to whitelist that IP.

Nagios should escalate to https://maxcdn.bootstrapcdn.com/ for answers as your website is using a site that was proven to launch phishing attack,

[kfanselow]

Hi rajasegar,

What it comes down to is bootstrapcdn.com is a provider for an estimated 7.9 million websites around the world per their description and it makes sense for them to use larger content delivery providers like Cloudflare. Unfortunately large companies who distribute content for others can be abused a small subset of malicious or unethical customers; the fact that a third party may have abused a service is disappointing but the risk needs to be weighted against the opportunity cost of disabling access. In this particular case the IP address that is being used belongs to Cloudflare. That IP address is probably distributing content for a number of Cloudflare customers in addition to bootstrapcdn.com; or a spammer used the tools that bootstrapcdn.com offers for unethical purposes. The best thing you can do is work with your security team to find a good balance to manage the risk and access for your organization. The good news is that we are transitioning to a new Answer Hub and Service Ticketing system very soon !!!

Thanks and Best Regards,
Keith