Web Sites - limiting viewings?
 

Friend asks:

Is there a(n) easy way to limit the ability of certain IP addresses to view a web site?
I didn't know, but I'll be you guys do - !

Fire away -

A firewall can be used to block IPs from accessing your (server) IP (if you are on a dedicated server, one IP per domain.). You can also use options in the Apache config files to do it if you aren't on a dedicated server . Not sure what the options are for IIS (the MS webserver, although you can run Apache on windows boxes no problem).

If you want to limit the number of views, etc. per IP, that is doable also via cookies and server side programming.

What exactly do you want to do?

Registration with e-mail log-in will also limit the viewers and cut down on bandwidth costs.
For instance, Craiglist uses recatcha.net to add another (human) layer to cut down on spam and verify posters.

Do you want to set up a personal site and not be deluged with costs from fake seach-engine links?
There are probably plenty of free servers out there which allow limited bandwidth, and free .html programs to set up a basic site.

He wants to keep 2 particular people - whom I assume have each a unique IP address (?) - from having the ability to have any access whatsoever to his web site -

How?

You can do this by creating an .htaccess file and placing it in the root directory.

It should look something like:

order allow,deny
deny from 123.456.789.123
deny from 987.654.321.321
allow from all

Newbie question:

How does he find the IP address of the parties - via e-mail or ?

FYI, it's a bad assumption to assume that a single person will be using a single IP address. Some big ISP's (AOL, for instance), have a small group of IP addresses that ALL of their customers use. That means that if you block one IP address, it could very well block tens/hundreds of thousands of users.

Also, if the person is using dial-up, or some DSL/cable connections, their IP addresses can change quite regularly, so if you block specific IP's, it might only be valid for a small amount of time.


As to finding out the IP address, you CAN figure out their IP address at the time from emails, assuming they weren't using some form of web-mail (Gmail, etc).

The best bet is to tell us the details of how the people are interacting with the user and his site, what kind of site it is, how it is being hosted (on a generic 3rd party hosting company, custom-made site hosted elsewhere, etc.), as the specific methods of how to do this are VERY context specific.

What is the user doing to piss off the client? And why "view the site only a certain number of times"?

Basically, you've asked a VERY generic question that is almost impossible to answer, IMO, and we need more info to figure it out.


$0.02 (CDN)

Is it the IP address that allows, for example, a site to know that I am in Kirkland, WA?

the short answer is no. limiting an ip address is not the way. you can get aroud that by simply opening up your command prompt and typing ip release then renew and youll get another one that quick. it depends on your host. the only way to truly do it, is by using a login page and dont give him access.

+1

You can forget about manually blocking a person via IP unless the unwanted traffic is coming from a business or government organization. All home connections use dynamically assigned address, so the offending person could easily just request a new address. If it is coming from an indentifiable organization, you could block them entirely, but it would be far more sporting to have an attorney write a well crafted letter, explaining that you do not appreciate the offending behavior.

What are the domain names of the e-mail address(Everything after @ in the address)?

There is some geomapping available, but the data changes constantly.

Here is a related question...

I know my IS guy can see what sites I visit. He's told me he can. But if it is a password protected site can he read what I am posting or viewing?

It depends.

The normal access logs won't show the content, but he could set up WireShark or some such and specifically snarf your traffic.

Can't sniff it if it SSL encrypted. Otherwise, everything is open. For untrusted connections (hotel wireless, etc) I use a SSH tunnel to a server I run. You can do the same with a VPN.