block multiple attempts from a single IP address

Report · Aug 07, 2008

Hi, is there a way to block multiple attempts from a single IP address? If so are there examples out there on how to?

Thank you in advance

Report · Aug 07, 2008

nkfweb wrote:
> Hi, is there a way to block multiple attempts from a single IP address? If so are there examples out there on how to?
>
> Thank you in advance

You can use the cgi scope to determine the IP address and then do what
you will with this knowledge.

Report · Aug 07, 2008

Your question is not clear.

Report · Aug 07, 2008

Sorry for the short post earlier. Here's my problem; someone is trying to test the validity of credit cards by submitting low balance transactions through my payment gateway. I've already contacted payment processor to implement fraud protection but my question is can I do anything at the code level to block multiple attempts from the same IP?

Report · Aug 07, 2008

As Ian previously mentioned, you may use the cgi remote address and compare it against the IP that is giving you trouble.

From there, you can do disable certain features, do a relocation, etc.

In addition, you can look up the provider that serves the IP by using a whois. If its on a provider in an area/country that you do not service, you can block out the entire service provider based on their range of IP's. This will eliminate the possibility of the same user returning to your site with a dynamic ip.

Report · Aug 08, 2008

Thank you both for your help

Report · Aug 07, 2008

You can log the attempts, read the logs, and decide what to do with the information.

The logs can be either text files or database records. Make sure you timestamp the records. Ian has already told you how to get the IP address.