How Do the IP Access/Ban Methods and Properties Work?

Several interfaces, methods, properties, and an enum can be used to retrieve and set IP addresses that are denied or allowed access. The diagram and description below describe how the interfaces, methods, properties, and enum all work together. Scroll down to Related Topics for links to the IP-related interfaces, methods, properties, and enum. For an example of an IP ban access script, refer to Script Examples: UserIPBanEntry.

• The ICIServer, ICISite, or ICIClientSettings interfaces each provide a GetIPAccess() method to retrieve an array (list) of IP access rules, regardless of how those rules were created, whether automatically due to auto-ban, or manually with deny/allow assigned to an IP address. The array of IP rules returned by GetIPAccess() will be different depending on whether you invoke the method under the ICIServer, ICISite, or ICIClientSettings interface.

• ICIIPAccessRule is the parent interface for managing IP access rules. It returns the IP access rule type (manual or auto) for a given rule in the array of IP rules obtained using GetIPAccess(). The available types are 0 for auto-banned IPs, 1 for manually added IPs (which could be banned or allowed).

• Two interfaces inherit from ICIIPAccessRule: ICIManualIPAccessRule and ICIAutobanIPAccessRule.

• ICIManualIPAccessRule is used to obtain the properties of an IP rule that was manually added to the IP access rule set. Those properties include the IP address, whether the IP is allowed or denied, and the date the IP was added to the IP access rule set.

• ICIAutobanIPAccessRule is used to obtain an array of automatically banned IPs as a subset of the entire array of IP access rules.

• After you have the ICIAutobanIPAccessRule array, you use ICIBannedIP to obtain the properties for each of those auto-banned IP rules, including the IP address, the date banned, whether the ban is permanent or temporary ban, the ban expiration (if applicable), and ban reason.

Related Topics

• ICIAutobanIPAccessRule - Provides the Autoban IP access rule BannedIPs property

• ICIBannedIP - Represents an entry in an IP address autoban list

• ICIClientSettings

• AddIPAccessRule - Adds allowed (true) or denied (false) IP mask for the client

• GetIPAccessRules - Retrieves an array of client/template IP Access rules

• GetLimitAccessByIP - Determines if the IP Access Restriction List  is enabled on the Settings Template or user account

• IPAccessAllowedDefault - Set or retrieve whether user or Settings Template IP access settings allow or deny access by default (if no rule match)

• MoveIPAccessRule - Change allowed IP access rule position

• ICIManualIPAccessRule - Represents an IP address access rule that was added manually

• ICIServer

• AddIPAccessRule - Adds allowed or denied IP mask for administration

• GetAdminIPs - Retrieve an array of IP addresses for the computer on which the Server is running

• GetIPAccessRules - Retrieve an array of administration IP address access rules

• GetLocalIP - Given an index, retrieves a Local IP address

• IPAccessAllowedDefault - Retrieve or specify the default IP Access restriction list

• ListenIP - Retrieve or specify the server's IP address

• ListenIPs - Retrieve or specify the IP addresses on which the server listens

• MoveIPAccessRule - Change allowed administration IP access rule position.

• RemoveIPAccessRule - Remove allowed or denied IP mask for administration

• UnbanIP - Remove denied IP mask from Autoban list for administration

• ICISite

• AddIPAccessRule - Adds allowed or denied IP mask for the Site

• AutoBanIPsPermanently - Retrieve or specify whether to automatically ban IP addresses permanently

• BanIPForInvalidLoginAttempts - Retrieve or specify whether to ban an IP address after excessive invalid login attempts with existing username and wrong password.

• BanIPForInvalidLoginAttemptsWithExistingUsername - When banning an IP address for invalid login attempts, specify whether to count incorrect username and correct username + incorrect password or only incorrect username attempts.

• BanIPOnDOS - Retrieve or specify whether to ban an IP address after excessive invalid commands

• GetIP - Retrieves the index of the Site Listen IP

• GetIPAccessRules - Retrieves an array of allowed IP masks.

• IPAccessAllowedDefault - Retrieve or specify whether IP access is allowed by default

• ListenIPs - Retrieve or specify the IP addresses on which the Site listens

• MoveIPAccessRule - Change allowed or denied IP mask position for the Site

• RemoveIPAccessRule - Remove allowed or denied IP mask for the Site

• SetIP - Changes the index of Listen IP

• UnbanIP - Removes denied IP mask from the Autoban list for the Site

• IPAccessRuleType enum