Avatar of Gregory Ambrose
Gregory Ambrose
Flag for United States of America asked on

Block an IP in Coldfusion

How do I block a specific IP address from accessing a website.
ColdFusion Language

Avatar of undefined
Last Comment
LajuanTaylor

8/22/2022 - Mon
erikTsomik

try these steps
Log into the .htaccess Editor, and then click Block IP Addresses.
Select the directory from which you want to block access. ...
To add a new IP address or range, enter it in the designated field.
Click Save to save your settings. ...
To delete an IP entry, click the delete icon in the Blocked IP Addresses/Ranges table.
erikTsomik

ASKER CERTIFIED SOLUTION
gdemaria

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
erikTsomik

I would not rely on CGI variable because they can  easily be  manipulated. But as general rule I would  use the suggestion
Your help has saved me hundreds of hours of internet surfing.
fblack61
Gregory Ambrose

ASKER
Thanks for the Coldfusion solution; I could get the .htaccess solution to work.
LajuanTaylor

@Gregory Ambrose - You have several options depending on the environment you are working in. For example,
Is the site hosted on a Windows or LINUX based server?
Is the site on a local intranet or public facing Internet?
Is the server managed in-house or by hosting provider?

Yes, you can leverage CF to block specific IPs or range of IPs. However, you have to maintain the list if the IP changes.
Gregory Ambrose

ASKER
@LajuanTaylor

The site faces the public on a windows server provided by a hosting company.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
LajuanTaylor

@Gregory Ambrose - If you suspect malicious user(s) via Internet traffic, then your best defense might be to have your hosting provider block the suspect IP range. Sometimes the control panel tools for management of your site allow you to perform this task yourself.

In addition to @gdemaria solution, you could add an application enhancement that captures the client IP in a table after certain conditions are met. Then use some sort of UDF, OnRequest, code to automatically restrict site access if the IP address was logged...