Link to home
Start Free TrialLog in
Avatar of Gregory Ambrose
Gregory AmbroseFlag for United States of America

asked on

Block an IP in Coldfusion

How do I block a specific IP address from accessing a website.
Avatar of erikTsomik
Flag of United States of America image

try these steps
Log into the .htaccess Editor, and then click Block IP Addresses.
Select the directory from which you want to block access. ...
To add a new IP address or range, enter it in the designated field.
Click Save to save your settings. ...
To delete an IP entry, click the delete icon in the Blocked IP Addresses/Ranges table.
Avatar of gdemaria
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I would not rely on CGI variable because they can  easily be  manipulated. But as general rule I would  use the suggestion
Avatar of Gregory Ambrose


Thanks for the Coldfusion solution; I could get the .htaccess solution to work.
Avatar of LajuanTaylor

@Gregory Ambrose - You have several options depending on the environment you are working in. For example,
Is the site hosted on a Windows or LINUX based server?
Is the site on a local intranet or public facing Internet?
Is the server managed in-house or by hosting provider?

Yes, you can leverage CF to block specific IPs or range of IPs. However, you have to maintain the list if the IP changes.

The site faces the public on a windows server provided by a hosting company.
@Gregory Ambrose - If you suspect malicious user(s) via Internet traffic, then your best defense might be to have your hosting provider block the suspect IP range. Sometimes the control panel tools for management of your site allow you to perform this task yourself.

In addition to @gdemaria solution, you could add an application enhancement that captures the client IP in a table after certain conditions are met. Then use some sort of UDF, OnRequest, code to automatically restrict site access if the IP address was logged...