HostMonster Web Hosting Help
If Your Local IP is Blacklisted
"Access denied. Your IP address is blacklisted." Wait, what?!
It sounds scary, but you probably haven't done anything wrong. It means we've detected some suspicious activity that might indicate a security breach, so we've blocked the responsible IP address to protect your account. Unfortunately, sometimes we unintentionally block legitimate activity. Keep reading to learn what kind of activity looks suspicious, and what you should do if an IP address you're using has been blacklisted.
Failed Login Attempts
Hackers like to use a variety of sophisticated techniques to hack into an account. One technique uses a program to systematically guess your password until they get it right. To identify this and other types of suspicious activity, our system monitors all network activity then flags patterns of activity that look suspicious. Then, depending on the type of activity, it will either blacklist the IP address or flag it for review.
The most common reason we'll blacklist an IP address is due to a high number of failed login attempts to your control panel, email accounts, site builders, SQL, SSH, FTP, etc. in a short time. This type of activity could be benign, as in the case of a forgotten password; but it could also be a symptom of malicious activity, such as a hacker trying to access your account. Unfortunately, sometimes it's hard to tell, which can result in an erroneously blacklisted IP.
A blacklist status is often temporary. If the IP address you're connecting from is blacklisted because you mistyped your password a few too many times, try again in about two hours. In the meantime, it's a good idea to reset your passwords. Check out How to Create a Strong Password for a few tips.
Failed login attempts aren't the only reason why we'd blacklist an IP address. We monitor all kinds of traffic and connections for your account. If we see a huge spike in activity from one IP address that's significant enough to impact the server negatively, we may blacklist the IP address responsible because it looks like an attack.
If your connection is suddenly blocked and you don't know why, it's possible that someone else on your network is responsible for the activity resulting in the blacklist. For this reason, we don't recommend logging in to your account from a hotspot or public internet connection.
Unfortunately, sometimes we unknowingly block legitimate connections. If you see this error on your home or work connection, try logging in again after two hours. If the blacklist is still in place, it's possible that your IP address was blacklisted on a false positive—something we can help you with.
Secure Your Connection
Before you contact us to remove the blacklist, it's important that you find the source of the suspicious activity and secure your internet connection so it doesn't happen again. Here are a few suggestions:
- Perform a malware and virus scan on all of your computers and devices that connect to the internet. If you're not sure what software to use, we have some suggestions below.
- Secure the wireless access point on your router, if it has one.
- Update your network password and set the password type to WPA2, if available.
- Check for a software update. Security problems with specific devices are often patched by the manufacturer, resulting in an update that usually needs to be installed manually.
- Talk to the people who use your internet connection and ask a few questions.
- Is anyone running an automated script or program?
- Is someone repeating a manual task that may have resulted in a large number of connections from your IP to the host server?
- Has anyone sent out a large number of emails that might be considered spam, either due to content or volume?
Here are a few free, high quality applications that can help you maintain a safe, healthy computer.