Overview
If you have received a message stating you’ve been “Blocked because of IPS Attack” in your browser, you may not be able to browse your website hosted with Conetix nor access any other services hosted by Conetix. The message may look similar to:
Cause
Conetix runs Next Generation Firewalls (NGFW’s) which feature detailed a Intrusion Protection System (IPS). This IPS inspects all packets and looks for known security issues, as well as behavioural patterns in order to block malicious behaviour.
On rare occasions, this may be a false positive and will occur in situations where you have a script which is constantly trying to connect with the wrong credentials or has malformed packets.
Depending on the severity of the attack, your IP may remain blocked for anywhere between 2 hours to 2 weeks. We recommend submitting a support ticket with us, providing details such as the IP address you’re connecting from (you can get this from whatismyipaddress.com), the time you first saw the message and the activity which was occurring at the time.
It is imperative that the cause of the errant script or application be identified and rectified before requesting any IPS block removal otherwise the firewall systems will instantly block the IP address again if they detect the same behaviour.