Internet protocol (IP) address blocking, more commonly known as IP blocking, is a way for an Internet server or other program that communicates online to prevent contact with another system. One of the most common uses for IP blocking is to prevent a computer that is a known security threat from making contact with a server, thereby protecting the server from any malicious actions. Other uses for IP blocking include preventing tracking cookies or websites from seeing user actions, and restricting information from being accessible to a network. Although there are several methods that allow an operating system, router or other software to implement an IP block, there also are many ways it can be circumvented and still other ways for it to be abused.
An Internet protocol address is a unique number that identifies a specific computer on the Internet and also provides information about the physical location of the network through which it is connecting. Nearly all communications through the Internet identify the IP addresses of the computers that are exchanging data. Many protocols and server software suites include a mechanism that checks an incoming connection against a list of blocked addresses so it can restrict access and ignore requests from those blocked addresses.
IP blocking is frequently used as a reactive defense after attempted attacks on a computer system, especially a denial of service (DOS) attack or a distributed denial of service (DDOS) attack, in which the target server is flooded with requests from a malicious system until it shuts down. The same blocking mechanism also can be used to instruct mail servers not to receive messages from addresses known to send bulk spam email. By stopping a malicious computer from wasting the resources of a server, efficiency and security can be greatly increased.
Some computers connect to the Internet through an intermediary server called a proxy. There are several public proxy servers that anyone can use, and they effectively mask the true IP address of the computer using the proxy. For this reason, some network administrators choose to block most known proxy servers to prevent any access from them.
The information stored in an IP address, and the way IP blocking works, allows entire groups of computers to be banned at once. This wider area is known as a domain. This can be used if, for instance, a single Internet access provider has an unusually large number of malicious hackers. Instead of waiting to discover each individual IP address, the entire access provider can be blocked.
The widest range of addresses within an IP address is the country of origin, or country code. This can be used to block all Internet traffic from a single country from using a server and its resources. Some e-commerce websites perform this kind of blocking when a large amount of fraud can be traced to IP addresses within a single country.