homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque

Webmaster General Forum

Blocking certain IP address(es)
How does one accomplish this in a reasonable way?

5+ Year Member

Msg#: 4178657 posted 4:17 pm on Jul 29, 2010 (gmt 0)

Is there a reasonably simple solution to blocking certain IP's and/or places from accessing a particular website? What if the place I want to block has rotating IP addresses, such that it might be impossible to block all the possible IP's?

Any comment or direction to a treatment of this would be appreciated.



WebmasterWorld Senior Member lammert us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

Msg#: 4178657 posted 4:33 am on Aug 2, 2010 (gmt 0)

Hi Kenny,

There are roughly three levels to block a visitor from a certain IP address to get access to your website. The first level is in a firewall outside, or at the outer layer of your server. The second level is in the web server software (Apache, IIS, Nginx) and the third level is in the website application scripts (PHP, ASP, Perl, etc)

Blocking at the firewall level is the fastest, and has the less performance impact on the server but it is the most difficult to maintain. Blocking at the scripting level is the most versatile but uses the most CPU processing power and probably requires the most programming effort from your side.

Which option is the best for you depends on the server software you use, the scripting language and the knowledge you have in configuring them. Also how fast the IP address changes may influence your decision. If it is a fixed group of IP addresses from a data center used by a scraper, just blocking those addresses in the firewall is the most efficient way. But if you want to block a manual forum abuser who uses a number of different proxies to try to spam your forum, a solution in your forum scripting software might be a better way to go. Some forum software distributions have a built-in option to block certain IP addresses or address ranges.


WebmasterWorld Senior Member tangor us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

Msg#: 4178657 posted 5:20 am on Aug 2, 2010 (gmt 0)

All above, but don't neglect the possibility of blocking by UA, Referer (sp correctly) or, possibly, by URI depending on how your site is being accessed. Sounds like you want to block a site rather than a visitor, or perhaps a scaper after your goodies. Look for common strings in your logs, run comparison searches in those logs to determine collateral damage (if any) then implement. A "set it and forget it (which you NEVER want to forget) is killing a CDIR range of IPs... less typing, more efficient, but is a shotgun approach.

Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved