As a web agency that seeks to provide excellent hosting service we always want to ensure that our clients have safe and reliable service. Normally everything runs just fine, our clients can visit their websites and send and receive mail as they expect, not even noticing that our servers are blocking hack attempts. Every so often though we run into a thorny issue where ‘safety’ and ‘reliability’ fight against each other. This is when the client starts to run into problems; case and point, IP blocks. Normally an IP block is an easy fix, we just unblock it and our clients continue on their merry way. There are occasions though when a client gets continually blocked. This is when we have to do a lot of extra work and make some tough decisions.
The easy solution to this problem is to just permanently white-list certain IP addresses, tell the server to never block them no matter what. This would be easy and make our clients happy, but it is something that we avoid doing at all costs.
What’s Wrong with Whitelisting an IP Address?
Whitelisting an IP address compromises the security of the user as well as the reliability of the server for everyone else that uses it. To unpack this, we need to explain what an IP address is and why IP addresses get blocked in the first place.
What is an IP Address?
An internet protocol (IP) address is a unique identifier that is given to users according to the device and the network they use to access the internet. Every time a computer or mobile device sends a request to a server it also sends its IP address so the server can identify who is making the request and to whom it should send information back to. It is very similar to writing one’s address in the top left corner of an envelope.
So every time you check your email or visit a website the modem in your network takes your requests, labels them with its IP address, and broadcasts them to the appropriate servers which then reply back to your modem which in turn broadcasts the reply to your device. If you have several devices all connected to the same modem (like in an office) then all those devices will be using that modem’s IP address. If you have a mobile device or laptop which you travel with it may connect to all sorts of different modems and so use different IP addresses depending on which network it is currently connected to.
Why Do IP Addresses Get Blocked?
IP addresses get blocked because someone is repeatedly attempting to access the server with invalid login credentials. Hackers often attempt to gain access to servers by hitting them with ‘brute force attacks’ where they have an algorithm cycling through millions of password combinations a minute that will keep going until the correct combination is reached. Once inside, they have access to your website and to your emails, and they can set up spam bots to broadcast spam/scam/virus emails from your email address. We really don’t want this to happen to our clients so we follow the convention of blocking IPs that hit the server too many times with incorrect login information. Unfortunately one of the problems we run into is that a misconfigured device owned by the client will also hit the server repeatedly with incorrect login credentials and the same security measure used to block a hacker will now be used to block the client.
Why Whitelisting Your IP Is Bad for Your Security
When a device hits the server with incorrect login information it can not tell whether the device belongs to the user in their office/home or if the device belongs to a hacker on a different continent. IP Addresses can be ‘spoofed’ using virtual private networking (VPN) technology. Whitelisting a client’s IP address that gets continually blocked would stop the client from getting blocked but it would also stop potential intruders from getting blocked too.
Another issue is that IP addresses can cycle between users. Just because you have one IP address for your office today doesn’t necessarily mean it will be the same IP address tomorrow. Some service providers cycle their IP addresses and there is no telling who might have it in the future.
Why Whitelisting Your IP Is Bad for Everyone Else on the Server
While each account on our server is modularized to protect their information (so that if one account gets hacked the others are still safe) if one account does get hacked the other users on that server may still be affected. Many hackers, once they gain access to a legitimate account will use that account’s email to send spam. If this were to happen on one of our servers then that server would soon get flagged and gain a bad reputation, which means that everyone who has their email hosted on that server will start having their emails automatically labelled as spam. This is a nightmare to deal with for both the clients and us. When we permanently whitelist an IP address, are compromising the safety of everyone on the server.
Even if it were safe to whitelist an IP address, we would avoid doing so to guard against lag and potentially overwhelming the server. Every time the server is hit with a request it needs to check through the list of IP addresses that are whitelisted and blacklisted. Every time someone wants to send or receive email, view a webpage, or click on something on those webpages the server needs to go through those lists. The longer those lists are the more time it takes for the server to process each request and the server is constantly being hit with requests from users all over the world. If we added one or two IP addresses to the whitelist the effects would be negligible. If we made it a practice then within a few short years everything would bog down and everyone would suffer.
What We Will Do if Your IP Address Gets Blocked
When you call in for support we want to get you back up and going as quick as possible and then provide you with the best and most permanent solutions. In order to do that, these are the services we offer as part of your hosting package in order of progression.
- We will unblock you. A lot of IP blocks are a one-time occurrence and this will solve most of them.
- We will put you on a temporary white-list if you are configuring a new device or have been blocked multiple times.
- We will reset your password.
- We will provide information on how to properly configure email settings.
- We will investigate the possibility of a hacking attempt and take appropriate action.
- We will work with you remotely using screen share software to configure your devices.
What YOU Can Do if Your IP Address Keeps Getting Blocked
If your IP address keeps getting blocked the issue is most likely a device with incorrect settings that automatically attempts to grab new emails ever five minutes or so. The best and most long-term fix is to reconfigure every device you can think of that is set to check email hosted on the server. If could be a desktop, laptop, tablet, or phone.
- Start by making sure all your devices are using correct passwords, it could be that it was typed in incorrectly, especially if you have recently added your email account to a new device.
- If this doesn’t work then send us a message or give us a call and we will provide you with both incoming and outgoing settings and instructions for how the set them up.
- Ensure that any ‘optional’ fields for usernames or passwords in the incoming/outgoing settings are filled in as our server actually does require them.
- If you are still getting blocked then expand your search to more than just the devices you use for work, it could be a phone you rarely use anymore or it may be a device owned by an employee who travels a lot (triggering the block when their device re-connects to your network) or a device owned by a former employee who still comes in to visit.
Fireside IT / Tech Support
If none of these options resolve the problem or if you need things done immediately we can offer on-site IT support for the Orillia area and will come to your location to ensure that all your devices are configured properly and solve your IP blockage once and for all. This service is not included in your hosting package and the price may vary depending on the distance traveled and how much time is spent on-site.
