Streaming live at 10am (PST)

Blocking specific IP address from site

Hi, I’m trying to put this script into my website, but it doesn’t seem to be working.

<script type="text/javascript" src="http://l2.io/ip.js?var=ip"></script>
<script type='text/javascript'>
if (ip == "1.111.111.1111") {
alert('bye bye troll');
window.location = 'http://www.google.com/';
}
</script>

Whenever i put this in the webflow header, it doesn’t activate. I tested using my own IP address but nothing happens. Any solution? I don’t know much JS, so I’m shooting in the dark here.

Hi Eric,

I suggest you do such thing via your domain provider or a server side script.
JavaScript is a client side code, which means it won’t really block the IP (at least not for someone who knows what he’s doing)

Hi Aviv,

Yeah, I know it’s just client side so he’ll still be able to access it if he really wanted to— but he’s not tech savvy and I just needed it to redirect so he doesn’t think much of it.

The Domain provider/Server side script isn’t an option since we’re hosting via webflow :confused:

First, trying to use your visitors IP address to potentially block them with JavaScript is a whack a mole approach. It is trivial for a user to simply connect to a VPN, use a different network, etc. in fact, it is common bad actors to mask their real network address.

The other bigger issue you face, when including a script from a third party site, Is the potential of opening up a vector for a cross site forgery attack, as well as providing the host of the script, analytic data on your site traffic. I would caution against implementation as you have demonstrated for these reasons.

Hey, like I mentioned, I’m aware that it’s not the best solution, but I just want the content to not be so easily available to them. I know it’s strange, but I have my personal reasons.

I understand the latter part, but can nobody help me with a workaround? I don’t really know what to draw from this…

If your site is running on HTTPS your scripts need too as well.
https://l2.io/ip.js
Give that a shot.

Thank you for your suggestion!

The IP script shows up on page now, but the redirect script still doesn’t seem to work.

Here is a working script, using an open source and up to date API from https://www.ipify.org, using the jsonp method.

<script type="application/javascript">
  function getIP(json) {
    if (json.ip = "192.168.1.2") {
     alert("Blocked  -> Go play with Google");
        window.location = "https://www.google.com";
    }
  }
</script>

<script type="application/javascript" src="https://api.ipify.org?format=jsonp&callback=getIP"></script>
1 Like

Hello, thank you so much for asking this question. I have been trying to find a working way to block a visitor using javascript.

I have tried to use the script above, but it does not seem to be working. It redirects all sites, not just the one with the IP address used. Do you know what I could be doing wrong? All I have done is replace the IP address to the one that I want to block. Thank you!

Hi, the reason why the script above wasn’t working is has to do with the IP grabber you were using.

The script I found worked for me was

<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>

<script>
$.getJSON("http://jsonip.com?callback=?", function (data) {
if (data.ip == "insert ip address") {
window.location.replace("https://www.google.com");
}
});
</script>

Just add the alert box and edit whatever site in you want to redirect to and you should be good :slight_smile:

@johnnyie - Quick FYI: jQuery is already loaded on Webflow projects. No need to load another (OLD) version. Just place code dependent on it in the before body custom code area.

How to write in multiple ip address because i use “1.1.1.1”,“2.2.2.2”,“3.3.3.3” the code not working