All IP addresses and client fingerprints of the locked-out clients are displayed on the WEBSITES > Advanced Security page, Locked Out Clients section. A client IP address/client fingerprint is blocked when a violation is detected in the request, and Follow Up Action is set to Block Client-IP/Block Client Fingerprint for that attack on the SECURITY POLICIES > Action Policy page.
Two different web interfaces are displayed based on the Lockout Settings configured under Advanced > Security Management in the ADVANCED > System Configuration page:
- All Services - When the All Services option is selected, you can view the list of client IP address(es)/fingerprint(s) that are blocked by the Barracuda Web Application Firewall.
- Per Service - When the Per Service option is selected, you can view the IP address(es)/fingerprint(s) of the locked out clients for each service.
Clearing Locked Out Clients
The client IP address(es) are blocked when a request from the client matches any of the following policy settings:
- Follow Up Action set to Block Client-IP for an attack in the SECURITY POLICIES > Action Policy page.
- Enable Bruteforce Prevention set to Yes in the URL policy associated with the service in the WEBSITES > Advanced Security page.
- Session tracking Status set to On for a service in the WEBSITES > Advanced Security page.
The administrator can unblock the locked client IP address(es) using the Clear Locked Out Clients section in the WEBSITES > Advanced Security page.
Unblock a client IP address
- Go to the WEBSITES > Advanced Security page, Clear Locked Out Clients section.
- In the Client IP Address field, specify the IP address of the client that you want to unblock.
- Click Remove from Lockout.
- Alternatively, click Remove All Clients from Lockout to clear all blocked client IP addresses.