Automatically Banning IP addresses

If someone writes a program to guess activation keys, they will present a large number of invalid activation keys to the server in a short period of time. Activation Pro has the capability to automatically ban this IP address based on parameters you specify.

The first time an invalid activation key is presented to the license generator by a particular IP address, the license generator logs the time. After this, if N bad keys are presented within a specified time interval, the IP address is automatically banned. Once this time interval passes without N bad keys being attempted, the whole process resets (in other words, N bad attempts will be required before the IP address is banned).

By default, the interval is 600 seconds (10 minutes) and the number of bad keys which cause the IP address to be banned is 40. However, you can change both of these parameters in the AdminDatabase tab (available to admin users), near the bottom of the form:

../_images/auto-ban.png

In this example, 50 bad activation keys within 600 seconds will cause the IP address to be banned. To set the parameters, enter the 2 parameters into the text boxes and press Set Banned List Parameters.

Once banned, the IP address will appear in the normal banned list. The banned IP address will have to match the IP address exactly, rather than the substring domain name match of normal banned hosts.