Why Is Your IP Address Blocked?
In this article, we will discuss how and why a VPS server or Dedicated server might block an IP address and how to resolve it.
When your company hosts a website or web app online, whether it’s an individual dedicated server or a whole server cluster, you naturally expect to have uninterrupted access at all times. However, it’s possible that in rare circumstances, your server could accidentally block your IP and prevent you from connecting and using the service.
If that has happened to you, this quick summary will provide you with all the essential information needed to verify the status of your IP. Additionally, we will offer some of the most common reasons for being blocked, as well as a few suggestions on how to unblock and whitelist your IP as quickly as possible.
How Does IP Address Blocking Work?
IP-based blocking creates barriers in a network that block all traffic to or from a set of IP addresses. This approach to blocking content doesn’t directly block content but traffic to known IP addresses associated with some content or an application. IP-based blocking is also accomplished by software on users’ computers, typically for network security purposes.
IP Address Blacklisting
IP blacklisting is a method of filtering illegitimate or malicious IP addresses from accessing networks. A list called a blacklist is created of the IPs desired for blocking and may contain individual or a range of IP addresses. Cybersecurity personnel typically use blacklists with intrusion prevention systems (IPS), firewalls, and other traffic filtering tools to filter malicious traffic according to policies or by manually adding specific IP addresses.
How Do I Know If My IP Is Being Blocked?
To confirm you are blocked from accessing your server, you should try to log in to your web server, as usual, to see what kind of connection error message you’re getting. This error will often provide a specific reason that your IP has been blocked.
In case the error message is vague or unspecific, you can also ping your server for more information.
Ping A Server on Windows
- Open a Command Prompt (Press Windows+R to open a “Run” box.)
- Type “cmd” in the run box and then press Ctrl+Shift+Enter which will open a verification popup asking if you would like to allow the cmd application to make changes to your device.
- Click yes to open the Administrator Command Prompt.
Next, type in the “ping” command followed by your server’s IP address, and then press Enter
Ping A Server on A Mac
- Open Spotlight and search for Network Utility
- Switch to the Ping tab
- Enter your server’s IP and click ping.
Additionally, you can ping the server’s IP with an externalmonitoringtool to see whether it’s accessible from other locations. We can also check the operational status of the Liquid Web services at the website.
If your server is accessible to others, you could try logging in using a VPN until your IP block is lifted. You might wonder why the server blocked your IP in the first place? There can be a few reasons for this issue, that will mainly be related to either trying to log in using incorrect credentials, or possibly having your IP associated with spam or malware-like behavior.
Failed Web Login Attempts
The most common scenario for getting blocked by your server is trying to log in too many times too quickly or with incorrect credentials. Most servers have a time limit placed for the number of login attempts. So if you find yourself mistyping the username and password several times, it would be better to reset your password rather than risk getting blocked.
The reason that IP blocking options exist, is to prevent access from unauthorized individuals. This service prevents more severe threats, such as hackers or other malicious individuals from gaining access to your information. If the number of login attempts wasn’t restricted, someone could potentially orchestrate a brute-force attack against the server. This type of attack illustrates how an attacker could try to connect to your login, via a continuous process of trial and error of random username/password combinations. Since most modern web hosting providers have a brute-force monitoring option in place, it could be triggered by your actions as well.
Incorrectly Configured Mail Client
Your web-based mail server has similar brute-force protection in place, which turns on when it detects a specific large number of frequent, unsuccessful login attempts. The problem, however, could be in the IMAP or POP3 configurations of your email client.
Having an error in the stored login credentials or if using SMTP validation, for example, (which doesn’t prevent the software from trying to reach out to the server on the web), could result in the connection attempt being blocked as well.
Misconfigured FTP or SSH Access
Your server not only screens the login attempts to cPanel and the mail server, but it also monitors FTP and SSH connections. There is generally more room for error when logging in through an FTP client since it requires a bit more information than your regular web login. At a minimum, besides your regular username and password, you need to specify the hostname or IP of your server, and the correct port (21 for FTP, and 22 for SFTP, unless an alternative port is being used).
The SSH accessconfiguration is often the most tricky. If you are not sure whether you’re using the correct command in the CLI (Command Line Interface or Terminal), you can contact Liquid Web support at your web hosting company for a walkthrough.
[root@host ~]# ssh firstname.lastname@example.org email@example.com's password: Permission denied, please try again. firstname.lastname@example.org's password: Permission denied, please try again. email@example.com's password:
Spam or Malware Protection
In the unlikely event that someone does gain unauthorized access to your server, their actions are still being monitored for any suspicious activity through a list of rules specified in the ModSecurity module.
As soon as any malware-related activity is detected or your mail server or is being flagged for sending too many email messages, your IP will automatically be added to a blacklist.
Steps To Unblock Your IP Address
The first step to resolve a blocked IP is to submit a support request to Liquid Web with the blocked IP address (which you can look up online). At Liquid Web, we respond to your phone and chat support requests in less than a minute, but if you need a quicker response, there are alternative options that you can try to gain access promptly. These include using your Manage interface;
Or using the CSF interface within WHM.
As noted earlier, you can also try logging in with a different IP, whether that’s from a different physical location (e.g., home instead of an office) or through a VPN client. Once connected, verify that your login credentials are correct, or if not, you can always reset your password. If, for some reason, you are unable to gain access to the server or don’t hear back from our support team right away, you can try to access the server using your regular IP after 15-30 minutes since most IP blocks only temporarily prevent access.
Being blocked from accessing your server, while a definite inconvenience, provides a needed function as the benefits decidedly outweigh the drawbacks. We learned how to test, verify and remedy a blocked IP address. both in Manage and in CSF.
About the Author: Ronald Caldwell
Ron is a Technical Writer at Liquid Web working with the Marketing team. He has 9+ years of experience in Technology. He obtained an Associate of Science in Computer Science from Prairie State College in 2015. He is happily married to his high school sweetheart and lives in Michigan with her and their children.
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.
How to Install ClamAVRead Article
How to Use Disk Quotas in Dedicated Linux Servers with PleskRead Article
Guide on Connecting to Remote Servers Using SSH in Linux, Windows, or macOS SystemsRead Article
New User Tutorial: What is DNS?Read Article
Difference Between AlmaLinux and Rocky LinuxRead Article