What are the trusted Whatfix domains to whitelist?
- 26 Feb 2025
- 2 Minuten zu lesen
-
Drucken
-
DunkelLicht
-
pdf
What are the trusted Whatfix domains to whitelist?
- Aktualisiert am 26 Feb 2025
- 2 Minuten zu lesen
-
Drucken
-
DunkelLicht
-
pdf
The content is currently unavailable in German. You are viewing the default English version.
Artikel-Zusammenfassung
Fanden Sie diese Zusammenfassung hilfreich?
Vielen Dank für Ihr Feedback
If your organization uses a firewall to restrict network access to only specific websites or software, then you need to whitelist the following domains to ensure that your application can communicate with Whatfix and fetch content for your end users to view.
Also, if your organization has a Content Security Policy (CSP) in place to block external code insertions, then it could prevent Whatfix from working on your application.
To prevent this from happening and to resolve CSP violation errors, the following domains must be added as an exception (Whitelisted) as part of the application's CSP headers. For more information, see Content Security Policy Reference.
Domains to Whitelist:
For all users (excluding EU data centre users):
https://whatfix.com/*
https://cdn.whatfix.com/*
https://cdn.whatfix.com/org_desktop_release/<ORG_ID>/manifest.json
Info:
Replace <ORG_ID> with your Organization ID. Contact your Whatfix Representative to get your Organization ID.
CSP directives to whitelist
Info:
Depending on the deployment model, you need to whitelist only the necessary directives.
Whitelist Google Analytics (GA) domains only if you have it configured for your account.
Deployment Model | CSP Directives | Domain/value |
|---|---|---|
Export (Content on the same server) | connect-src | *whatfix.com |
www.google-analytics.com | ||
analytics.google.com | ||
style-src | unsafe-inline | |
img-src | data: | |
www.google-analytics.com | ||
analytics.google.com | ||
Export (Content fetched from a different domain server) | connect-src | *.whatfix.com |
www.google-analytics.com | ||
analytics.google.com | ||
script-src | *.<domain>, <domain> | |
frame-src | ||
style-src | unsafe-inline | |
img-src | data: | |
www.google-analytics.com | ||
analytics.google.com | ||
CDN | connect-src | *.whatfix.com |
*.whatfix.com | ||
www.google-analytics.com | ||
analytics.google.com | ||
script-src | *.whatfix.com | |
frame-src | ||
style-src | unsafe-inline | |
img-src | www.google-analytics.com | |
analytics.google.com | ||
data: | ||
Extension | connect-src | www.google-analytics.com |
analytics.google.com | ||
img-src | data: | |
www.google-analytics.com | ||
analytics.google.com | ||
Dev script | connect-src | *.whatfix.com |
*whatfix.com | ||
www.google-analytics.com | ||
analytics.google.com | ||
img-src | data: | |
www.google-analytics.com | ||
analytics.google.com | ||
script-src | *.whatfix.com | |
frame-src | *whatfix.com | |
For EU data center users:
https://eu.whatfix.com/*
https://eucdn.whatfix.com/*
https://eucdn.whatfix.com/org_desktop_release/<ORG_ID>/manifest.json
Info:
Replace <ORG_ID> with your Organization ID. Contact your Whatfix Representative to get your Organization ID.
CSP directives to whitelist for EU Data Centers
Deployment Model | CSP Directives | Domain/value |
|---|---|---|
CDN | connect-src | *.whatfix.com |
script-src | *.whatfix.com | |
frame-src | *.whatfix.com | |
Dev script | connect-src | *.whatfix.com *whatfix.com |
script-src | ||
frame-src | ||
Note:
Your IT Admin can help in whitelisting the mentioned domains.
If you are using any video or image links in your Whatfix content, then you need to whitelist those domains as well. For example, if you embed a YouTube video in a Pop-up, then you need to whitelist youtube.com.
For organizations that use Proxy servers
If your organization uses Zscaler or some other equivalent proxy server, then it could prevent Whatfix widgets from showing up even after the successful installation of the Desktop Player and Editor apps.
To prevent this issue, you must exempt the following Whatfix URLs from SSL certificate inspection,
https://cdn.whatfix.com
Other Whatfix URLs mentioned in this article
To know more about SSL exemption for Zscaler, see,
When do domains need whitelisting?
Whatfix recommends whitelisting the domains before you start creating content on Whatfix. This way, content creators will not have any issues previewing and testing the content.
IP addresses to Whitelist
IPv4 | IPv6 |
173.245.48.0/20 | 2400:cb00::/32 |
103.21.244.0/22 | 2606:4700::/32 |
103.22.200.0/22 | 2803:f800::/32 |
103.31.4.0/22 | 2405:b500::/32 |
141.101.64.0/18 | 2405:8100::/32 |
108.162.192.0/18 | 2a06:98c0::/29 |
190.93.240.0/20 | 2c0f:f248::/32 |
188.114.96.0/20 | |
197.234.240.0/22 | |
198.41.128.0/17 | |
162.158.0.0/15 | |
172.64.0.0/13 | |
131.0.72.0/22 | |
104.24.0.0/13 | |
104.24.0.0/14 |
Note:
IP addresses are the same for all users.
Processes to whitelist
Allow the nw.exe process in your firewall. For more information on how to whitelist a process in your Windows firewall, see Microsoft's official documentation.
Best Practices
Make sure you have applied the policy to every page. This must include error pages as well.
War dieser Artikel hilfreich?