This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.
Block an IP in Coldfusion
How do I block a specific IP address from accessing a website.
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
try these steps
Log into the .htaccess Editor, and then click Block IP Addresses.
Select the directory from which you want to block access. ...
To add a new IP address or range, enter it in the designated field.
Click Save to save your settings. ...
To delete an IP entry, click the delete icon in the Blocked IP Addresses/Ranges table.
Log into the .htaccess Editor, and then click Block IP Addresses.
Select the directory from which you want to block access. ...
To add a new IP address or range, enter it in the designated field.
Click Save to save your settings. ...
To delete an IP entry, click the delete icon in the Blocked IP Addresses/Ranges table.
I would not rely on CGI variable because they can easily be manipulated. But as general rule I would use the suggestion
@Gregory Ambrose - You have several options depending on the environment you are working in. For example,
Yes, you can leverage CF to block specific IPs or range of IPs. However, you have to maintain the list if the IP changes.
Is the site hosted on a Windows or LINUX based server?
Is the site on a local intranet or public facing Internet?
Is the server managed in-house or by hosting provider?
Yes, you can leverage CF to block specific IPs or range of IPs. However, you have to maintain the list if the IP changes.
@Gregory Ambrose - If you suspect malicious user(s) via Internet traffic, then your best defense might be to have your hosting provider block the suspect IP range. Sometimes the control panel tools for management of your site allow you to perform this task yourself.
In addition to @gdemaria solution, you could add an application enhancement that captures the client IP in a table after certain conditions are met. Then use some sort of UDF, OnRequest, code to automatically restrict site access if the IP address was logged...
In addition to @gdemaria solution, you could add an application enhancement that captures the client IP in a table after certain conditions are met. Then use some sort of UDF, OnRequest, code to automatically restrict site access if the IP address was logged...
Premium Content
You need an Expert Office subscription to comment.Start Free Trial