IP Bans & Security
The platform protects your community on two fronts: automatic abuse-blocking that reacts to attacks in real time, and your own manual IP bans and whitelists. For the full firewall UI walkthrough, see Firewall Management.
Managing IP bans
Manage your bans and whitelists at /admin/ip-bans/manage. The screen gives you a stat strip, filter chips, a sticky-header table, and themed confirmation modals. It is mobile-responsive, so you can ban from your phone.
- Ban. Block all access from an IP or CIDR range.
- Whitelist. Mark an IP as never auto-bannable — useful for VPNs or shared offices.
- View. See every active ban and whitelist with its creation date and reason.
Click an IP to copy it. Click a column header to sort. Filter by type, source, or age.
A read-only view of the live block list is available at /admin/iptables for reference; all changes are made on the manage screen above.
Automatic abuse-blocking
The platform watches for attack patterns and bans offending IPs on its own, based on:
- Repeated failed login attempts
- Brute-force password attacks
- Rate-limit violations
- Suspicious probe patterns (404 scanning, injection attempts)
Automatic bans expire on their own — one hour for a first offense, longer for repeats. Whitelisted IPs are never auto-banned.
Web application firewall
A built-in web application firewall inspects incoming requests and blocks common web attacks — injection, cross-site scripting, and path traversal among them — before they reach your community. It runs ahead of the application, so blocked requests never touch your pages. The protection is maintained for you; there is nothing to configure.
Audit trail
Every ban, whitelist, edit, and unban is recorded in your audit log at /admin/audit. Filter by firewall events to see who banned what, and when.
Access
/admin/ip-bans/manage requires Tenant Admin role or higher.
## IP Bans & Security The platform protects your community on two fronts: automatic abuse-blocking that reacts to attacks in real time, and your own manual IP bans and whitelists. For the full firewall UI walkthrough, see [Firewall Management](/know/admin-iptables). --- ## Managing IP bans Manage your bans and whitelists at `/admin/ip-bans/manage`. The screen gives you a stat strip, filter chips, a sticky-header table, and themed confirmation modals. It is mobile-responsive, so you can ban from your phone. - **Ban.** Block all access from an IP or CIDR range. - **Whitelist.** Mark an IP as never auto-bannable — useful for VPNs or shared offices. - **View.** See every active ban and whitelist with its creation date and reason. Click an IP to copy it. Click a column header to sort. Filter by type, source, or age. A read-only view of the live block list is available at `/admin/iptables` for reference; all changes are made on the manage screen above. --- ## Automatic abuse-blocking The platform watches for attack patterns and bans offending IPs on its own, based on: - Repeated failed login attempts - Brute-force password attacks - Rate-limit violations - Suspicious probe patterns (404 scanning, injection attempts) Automatic bans expire on their own — one hour for a first offense, longer for repeats. Whitelisted IPs are never auto-banned. --- ## Web application firewall A built-in web application firewall inspects incoming requests and blocks common web attacks — injection, cross-site scripting, and path traversal among them — before they reach your community. It runs ahead of the application, so blocked requests never touch your pages. The protection is maintained for you; there is nothing to configure. --- ## Audit trail Every ban, whitelist, edit, and unban is recorded in your audit log at `/admin/audit`. Filter by firewall events to see who banned what, and when. --- ## Access `/admin/ip-bans/manage` requires Tenant Admin role or higher.
