Questions & Answers

Frequently asked questions about IPBlock

How much server resources does IPBlock use?

IPBlock client is extremely light. It typically uses about 50MB of RAM and virtually undetectable amounts of CPU, disk, and network resources.

Is IPBlock for individual website owners or those who use a VPS or dedicated server?

IPBlock can be used on both VPS and dedicated servers. For shared website hosts, the server owner may choose to install IPBlock to let the individual webmasters add site-wide filters (currently available only on Windows servers).

Is IPBlock software safe?

IPBlock has been officially approved and certified by Microsoft as a software ready for Windows Server 2016, 2019, and 2022. IPBlock software have been thoroughly tested to confirm its compatibility and adherence to Windows Server best practices. Certified for Windows Server 2016, Certified for Windows Server 2019, Certified for Windows Server 2022

Additionally, all IPBlock software for Windows is digitally signed by an Extended Validation code signing certificate issued by Sectigo, a trusted root authority.

What are the limitations of IPBlock free trial?

IPBlock free trial is fully functional.

Can IPBlock block by user agent?

IPBlock deals with source IPs, not user agents. Not to mention that user agents are not even readable on the firewall level with https traffic.

A website-specific response to different user agents is trivially addressed by any web application; this is not a challenge that one needs IPBlock or any other advanced security solution to solve. But IPBlock can add unique abilities to a typical website application that deals with user agents. For example, we can create a “mark” web filter that would label all the main search engines. So, if our application sees a Googlebot user agent, but the IPBlock “mark” rule does not label it as from a legitimate Google IP, then our application knows that we are dealing with an impostor and can act accordingly. Or, we can examine our logs and select especially pesky sources of traffic, add those IPs to our custom IP set, and then block that traffic once and for all. Other creative uses are also possible.

IPBlock created a free tool to analyze IIS Web logs. This tool can create a blocking set based on user agents or other criteria.

Does IPBlock work on ARM servers?

Yes, IPBlock works on Linux ARM.

What is confidence in the data centers IP set definition?

Our system detects data centers with a certain confidence level. This detection and classification is not straightforward. There are ambiguous instances, for example, in the case of a small business office where there are real users as well as servers all presenting themselves to the world with the same public IPs. High confidence set contains fewer IPs but has a higher degree of certainty that no real users would originate their traffic from the included IPs.

What is Compromised Computers?

This IP set contains individual IP addresses and IP ranges from which some form of malicious activity has been recently detected. A computer can be a source of malicious traffic for many reasons, such as being compromised from the outside or used purposefully by its owner. We do not publicly disclose any details about our detection methods or types of activity we collect.

Our audience is primarily American. Should we whitelist the USA?

If your intention is to filter out the other countries while keeping the American traffic in, no. Please consider that the White List IP sets take precedence over the Block List sets. For instance, if you select certain crawlers or data centers in your block list and then whitelist the USA IP set, then any crawlers or datacenters will be allowed if they are in the US, even if you explicitly chose to block them in the Block List. In addition, of course, whitelisting the USA will not automatically block other countries. To block other countries, you need to select them in the Block List.

Do you support IPv6?

At this time, no. The current version of IPBlock ignores IPv6 packets and requests.

I accidently blocked myself out of my server and can no longer access it. What should I do?

Go to the IPBlock portal and edit the IP Multiset to include a white list of your own IPs. Apply the changes and wait a minute for the changes to propagate.

Can I use IPBlock for managing secure access to my server by creating a custom access IP set?

No, it is not a good idea to rely on IPBlock as an authentication mechanism; it is not designed for this purpose. You still need to use passwords or other usual methods of authentication. IPBlock is designed to block or filter out the vast majority of unwanted traffic, but not all of it and not 100% of the time.

What are ephemeral ports and why is it not recommended to include them in the firewall rules?

Ephemeral ports are in the 49152–65535 range, and they are opened dynamically for a short period to maintain communications initiated from the server itself. Blocking them does not significantly improve protection from the traffic initiated from the outside and may hinder outgoing communications. If your intention is to limit outgoing connections, the built-in Windows and Linux firewalls have a number of features to accomplish this directly. Having said that, you can disregard the ephemeral port warning, and the IPBlock rule will execute according to your setting.

How accurate is your data?

Country data is over 99.4% accurate.
Datacenters medium certainty cover over 85% of the server locations with less than 1% false positives.
Datacenters high certainty cover over 80% of the server locations with less than 0.5% false positives.
Spider IP sets for the first-tier search engines are over 99.9% accurate; the rest varies.

Is IPBlock better for a specific kind of site owner?

IPBlock resides on the server itself, not outside of it and it is best suited for anyone who is in complete control of their servers – and individual or a corporation with dedicated servers, VPS, or collocation. Not just Web servers, any kind of servers can benefit from IPBlock (a few case studies here). IPBlock is not just for DDoS mediation; it helps control bandwidth and server resources, fight website scraping, SPAM, and dictionary attacks.

What is IPBlock competitive advantage?

With just a few clicks, you can add geofence protection or geo-targeting, block known compromised computers, block known data centers, and upload your own custom IP sets.

How much does IPBlock cost?

The monthly pricing starts at $9.99 for a single server; for $49.99, one can protect up to 15 servers. We also offer enterprise plans for larger organizations.