Firewall Rules
IT and ICT Technicians: please call 01273 823 909 between 9.00am and 5:30pm, or email helpdesk@charanga.com if you have any technical questions about your content filters or firewall that aren't covered here.
Please add info@charanga.com and helpdesk@charanga.com to your global Safe Senders email list.
If you run a content-filtering firewall, you will need to ensure that in addition to standard web-content types, that you also allow the following file extensions through your firewall (these are all served via standard HTTP GETs on TCP port 80):
- .mid (Midi audio)
- .mp3 (MP3 audio)
- .mp4 (MPEG video)
- .wav (Waveform Audio)
- .otf (OpenType fonts)
- .ttf (TrueType fonts)
- .woff (Web Open Font Format)
- .woff2 (Web Open Font Format)
We make the assumption that you are already allowing the following standard and de-facto standard web filetypes through your firewall:
- .css (Cascading Stylesheet)
- .gif (GIF image)
- .html (HTML files - and all text/html MIME type files)
- .jpg (JPEG image)
- .js (Javascript file)
- .json (JavaScript Object Notation)
- .pdf (Adobe PDF)
- .png (PNG image)
- .svg (Scalable Vector Graphic)
- .xml (XML)
Content tests
Basic Content Tests (automated)
Our resources use a variety of different filetypes to drive them. School networks are often configured to block mp3, mp4 and occasionally midi files.
If some of the resources don't appear to be playing back audio or video, you can use this section to check for yourself if the school network is blocking mp3, mp4 or midi files.
- Testing a sample mp3 file...
- Testing a sample mp4 file...
- Testing a sample midi file...
Comprehensive Content Tests
Click each of the following links and see if you see a "Content Blocked" style screen (in which case you'll need to unblock them) or if they play, download or open a media player, then there's no blocking going on.
When configuring computers for access to the website, please also consider user roles. The administrative login you may be using might have different permissions to a regular staff or pupil login. Teacher and pupil logins must be able to access all the file types listed on this page.
- Sample MP3, MP4, and midi file on this website
- Sample MP3, MP4, and midi file on our CDN host
- Sample MP3, MP4, and midi a file on our alternate CDN host #1
- Sample MP3, MP4, and midi file on our alternate CDN host #2
- Sample MP3, MP4, and midi file on our alternate CDN host #3
- Sample MP3, MP4, and midi file on our alternate CDN host #4
When you click the MP3, MP4 and midi file links, if you see a page saying Content blocked or Filetype disallowed or 500 Internal Server Error or similar, then you will need to unblock the the following domains:
- cdn.charanga.com - this is a DNS CNAME for dxzysb21ev2kx.cloudfront.net which is an Amazon Cloudfront distribution
- dxzysb21ev2kx.cloudfront.net - this is an AWS Cloudfront CDN distribution. If you operate Fortinet, you'll need to allow Amazon.CloudFront and Amazon.AWS in your appcontrols
- assets.charanga.com - this is a DNS CNAME for ddl160lqs3mb.cloudfront.net which is an Amazon Cloudfront distribution
- ddl160lqs3mb.cloudfront.net
- assets0.charanga.com
- assets1.charanga.com
- assets2.charanga.com
- assets3.charanga.com
- ir.charanga.com
You can test whether everything is configured correctly by visiting our browser test page. You should see 3 green ticks.
Email filtering
We send out password reminders, login resets and other emails to our users using Amazon Web Services (AWS) Simple Email Service (AWS SES). All From: addresses are @charanga.com and our emails are SPF and DKIM signed. If you can add this domain to your email whitelist filters, then this will aid our support emails to your users. The sending mail servers are all hosts and subdomains of amazonses.com.
We send out newsletters and periodic updates about the service from the SMTP hosts createsend.com, cmail1.com, cmail2.com, cmail3.com, cmail4.com, cmail5.com. These are also SPF and DKIM signed.
Video Calls, eg Webinars
We have a separate help page for video calls/conferences: Video Conferencing - Troubleshooting