IP address blocking
|This article needs additional citations for verification. (March 2012) (Learn how and when to remove this template message)|
IP address blocking prevents connection between a server or website and certain IP addresses or ranges of addresses. IP address blocking effectively bans undesired connections from hosts using affected addresses to a website, mail server, or other Internet server.
IP address blocking is commonly used to protect against brute force attacks. Both companies and schools offering remote user access use Linux programs such as DenyHosts or Fail2ban for protection from unauthorized access while allowing permitted remote access. This is also useful for people who want to remotely access their computers. It is also used for censorship.
On a website, an IP address ban is often used to prevent a disruptive member from access, though a warning and/or account ban may be used first. Dynamic allocation of IP addresses can complicate incoming IP address blocking, rendering it difficult to block a specific user without blocking a larger number of IP addresses (blocks of IP address ranges), thereby risking collateral damage caused by ISPs sharing IP addresses of multiple Internet users.
IP address banning is also used to limit the syndication of content to a specific region. To achieve this, IP addresses are mapped to the countries they have been assigned to. This has been used to devastating effect most recently to target Nigerian IP addresses due to the perception that all business emanating from the country is fraudulent, thus making it extremely difficult for legitimate businesses based in the country to interact with their counterparts in the rest of the world. To make purchases abroad, Nigerians rely on proxy companies to mediate transactions.
In a 2013 court ruling on Craigslist v. 3Taps, US federal judge Charles R. Breyer decided that circumventing IP blocks in order to access a website (for example using anoynymous proxies) is a violation of CFAA, punishable by civil damages for "unauthorized access".
- HOSTS_ACCESS(5) FreeBSD man page. Wietse Venema.
- Eckersley, Peter. "Six Tips to Protect Your Search Privacy". Electronic Freedom Foundation. Retrieved 17 April 2014.
- "IP Cloaking Violates Computer Fraud and Abuse Act, Judge Rules". WIRED. 20 August 2013.