: Is it unwise to blacklist an IP address? We have a form on a commercial website which has been abused (but only once or twice) by someone from a particular IP address. A colleague wants
We have a form on a commercial website which has been abused (but only once or twice) by someone from a particular IP address.
A colleague wants to blacklist that IP address from the website.
Seems to me that's overkill, and that there's a risk that genuine customers sharing that same IP address would be blacklisted too.
I suppose a big part of my question is how many people might be sharing that same IP address and could be affected by our blacklist. I suspect that's a "how long's a piece of string" question but some ballpark answer would be really helpful.
We're in the UK if that's significant.
More posts by @Turnbaugh106
3 Comments
Sorted by latest first Latest Oldest Best
IP blocking is there for the right purpose. It is hard to say if this is right for you?
Is it technical abuse?
If they are trying to hack your site post spam to doddgy blogs or something then they will simply use something to mask their IP. So don't do it, you provoke them and also increase the chance for issues
If it is a displeased customer who is offering abuse to your staff and other customers
Then yes I think you can block them without worrying
I cannot comment yet, so i post it as an answer...
It's actually a bit of both 2 questions in one, so let me get to the "is it unwise to blacklist an IP address" first:
For your case:
1. Is your website mostly targeted for UK customers?
2. Is the abusing IP address originating from the UK?
If it's a non-UK IP address and you are targeting UK mostly, just blacklist the IP address.
Based on some statistics: www.internetworldstats.com/stats.htm
If there are 2.4 billion internet users using half of the entire pool of IPv4 address (which is low, since not half of the entire pool is reserved) gives us a ratio of 1.12 users per IP address.
So just blocking 1 IP address blocks 1.12 users on average using above statistics
N.B. getting region specifc information could have other numbers, blocking ranges is a different story etc.
I personally use IP address blacklisting. It is a tool that is often effective at stopping abuse.
There is certainly a risk that IP addresses are shared. All AOL customers appear to come from a small set of IP addresses. Many office buildings use a single IP address for all workers in that building.
You should be able to look at your server logs to determine whether or not this particular IP address is used by multiple visitors. If the IP address has only requests associated with the abuser, then go ahead and blacklist it. Even a week or a month of blacklist is usually enough to deter many abusers.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.