cancel
Showing results for 
Search instead for 
Did you mean: 

Adding URL to "whitelist"

FIXED
lindsaywilson88
Hooked
Posts: 6
Registered: ‎08-02-2024

Adding URL to "whitelist"

Hello,

Short version: Does Plusnet themselves maintain a "whitelist" of urls & ports to which they can add a specific entry?

Long version: We originally had Plusnet Business Broadband & Phone, and had a card terminal (Ingenico iCT250) connected via the telephone line. Because of both the closure of Plusnet Business and the phase-out of copper lines, we will be switching to Plusnet residential fiber (still to be installed) and ditching the telephone line. (I have already moved my number to a separate VOIP service).

I have changed the card terminal's settings so it connects via ethernet instead. All appears to work fine - it takes transactions, does end-of-day banking, updates itself etc. However, just to be sure, I asked our provider (Worldpay) if there is anything else I should do. After much discussion with someone who appeared to have the technical knowledge of an average BT call centre employee, they eventually told me that I should "contact my network provider and have them add the following URL and port number to their whitelist". Said URL and port number are:

ukpos.protectedtransactions.com     443

(This is presumably the URL that the terminal uses to download updates, get transaction authorisations etc.)

I initially assumed that they thought I had a firewall operating, so explained that I did not and would be connecting the card terminal directly to the Plusnet router. They still insisted that I contact my "network provider" and have them add these details.

So, assuming that "network provider" means Plusnet, are you able to do this?

Or is the Worldpay person talking nonsense? I would have thought that the fact the card terminal worked perfectly means there is no issue with any URLs or ports being blocked, so perhaps this is nothing to worry about?

I intend to get back to Worldpay, but unfortunately it's very difficult to get any sense out of their supposed technical support people, so I wanted to check here first to see what people's take is!

Many thanks,

Lindsay Wilson

4 REPLIES 4
MisterW
Superuser
Superuser
Posts: 14,738
Thanks: 5,515
Fixes: 394
Registered: ‎30-07-2007

Re: Adding URL to "whitelist"

Fix

Or is the Worldpay person talking nonsense? I would have thought that the fact the card terminal worked perfectly means there is no issue with any URLs or ports being blocked, so perhaps this is nothing to worry about?

Correct!.

Plusnet do not block any outgoing ports. If you have Plusnet Safeguard https://www.plus.net/help/broadband/how-to-use-plusnet-safeguard/ activated then potentially some URLs could be blocked but, unlesss it had been incorrectly categorised, the worldpay site would not be blocked. Safeguard is disabled by default anyway...

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

Champnet
Aspiring Hero
Posts: 2,603
Thanks: 983
Fixes: 12
Registered: ‎25-07-2007

Re: Adding URL to "whitelist"

Those instructions are probably meant for larger Business systems where the security on both incoming and outgoing traffic is a lot tighter…

 

lindsaywilson88
Hooked
Posts: 6
Registered: ‎08-02-2024

Re: Adding URL to "whitelist"

@MisterW Many thanks for confirming! I wasn't actually aware of the Safeguard feature, thanks for mentioning it. I'll double-check to make sure it's off when I do set things up.

corringham
Seasoned Champion
Posts: 1,237
Thanks: 650
Fixes: 16
Registered: ‎25-09-2015

Re: Adding URL to "whitelist"

I'm not familiar with Worldpay's requirements for network security to meet the PCI DSS requirements, but the last time (it was a few years ago) I set up a card machine from a major bank we had to jump through hoops to meet their requirements - the card machine had to be on a separate VLAN to any other devices, had to have a firewall in use, etc.

If Worldpay's requirements are anything like that, then I doubt a Plusnet residential connection would ever be acceptable.

I now use zettle, and their requirements are much less stringent as they use a VPN from the device to their systems, so maybe Worlpay's machines are like that - although in that case I don't see the requirement for ports to be added to whitelists.