How to build IP database by using IP Security
Article Number: 13
Created On: 2007-04-06 3:06 AM
Author: QualityEbiz [firstname.lastname@example.org]
URL : http://jumbofeed.qualityebiz.com/question.php?ID=13
HOW TO BUILD IP DATABASE BY USING IP SECURITY
- There are 3 steps in the procedure of IP security system. Read carefully and it is very important to understand the process. By building IP database in wrong process may cause you bringing unwanted quality.
- If you have problems to understand how to build IP security database, please contact QualityEbiz.com to get support.
- Over view of the 3 steps
- Step 1 : Run manual IP screening on admin IP Security under Security
- Step 2 : Manually classify unclear hostnames on admin Providers under Security
- Step 3 : Set IP security level to each XML feeds setting
Step 1 :
- Go to IP Security under Security
- Enable Service by clicking the tab. By enabling IP security, script starts collect
all incoming IP addresses into testing section. (See screenshot
- If you see Enable service on the tab = the service is Off
- If you see Disable service on the tab = the service is On
- Click Start Auto Test in New Window (See screenshot
) to start manual IP screening. (Start Auto Test and Start Auto Test in New Windows are same link expect for opening in new window. Opening in new windows is better to continue the process without being disturbed by admin login session.)
You should run auto test till you find no IP addresses under Testing tab (See screenshot
By running auto test, script classify most of IP addresses either bot or not by the general info such as hostname availability. You can always re-check any IP address, ISP, hostname to update the value.
- Clean : IP addresses include 100% clean IP addresses + AOL (+ clean dynamic ips)= Those clean IP addresses will appeared as Clean(
yellow=dialup) on Click logs
- Bad : IP addresses include other kinds of IP addresses which are unknow hosts + blacklisted ips + private ips + fake ips + proxy deducted + Ougo user’s IPs = Those bad IP addresses will appeared as
Pink(Bad) on Click logs
- Testing : IP addresses which entered in the site first time and the hostname is NOT classified as ISP or Bot by IP Security/Auto Test.
Step 2 :
- Clean(Yellow) does
not mean that it is 100% ISP and secure. It is clean IPS which at least had minimum requirements possibly being ISP and not having facts of proxy. (*1. It is possible that script may not deduct proxy if the server does not response at the testing time).
- Since some IP addresses are not possible to determine if it is a real ISP or Bot by script’s Auto test, you must determine the IP address's value to ISP(Internet service provider) or Bot. You will manually classify those unclear IP addresses which is stored under Provider section yourself.
- Go to Provider under Security
- Examine if the Domain name is a real ISP(internet service provider). You can brower teh domain name in another window by copy and past of teh provider section. (See screenshot
: In this example, you should check if
alltel.net is a real ISP or not)
- Click the link of provider and select ISP or Bot by your examination's result and Click save. Below is examples how to examine hostnames.
- Example 1 : you see "
com". Go to "domainexample.com" and see if domainexample.com offers Internet connectivity service. If the site offers ISP service, you can select as ISP.
- Exampel 2 : you see "
org" under one of Hostnames. "mail" could
not be a host name of ISP, this is most likely used by Bot. (Having www. mail. ftp. email. Smtp, kenny(well known bot user extension)in hostname could most likely Bot. Unless it is a large organization you may block as bot.)
- Exampel 3 : You see “
net” under one of hostnames. And you find that yourisp.com offer “web hosting service”. When it is a 100% hosting company, it could most likely used by Bot. (Double check. If the hosting company also offers internet service, you may need to mark as ISP)
- Click here to find more tips how to examine the hostnames. You
should read this tip section since there are
various factors to determine as ISP or Bot.
How to read hostname?
Red part is hostname
Green part is Domain name
Blue part is extention
Step 3 :
- When you have a number of classified IP addresses in IP database, you can select the traffic quality to each feeds. That means that you can use Tested and Secure IP addresses traffic to feeds which would have most strict fraud control. And use Unsecure Clicks(not tested by IP security filter) to the feeds which you may send any kind of traffic to rely on feed's quality control.
- Go to XML feeds and click the feed name to manage
- Set IP security level to each XML feeds setting. Select one of below to filter traffic to individual feeds. (See screenshot
- Normal : All entry can click except for Bot/Proxy stamped IP addresses by IP security. However, If you user Proxy blocker, proxy marked addresses also cannot click. (Click here to read instruction for Proxy Blocker)
- Protected : The IP address has entered once. Script has tested the IP address and it is clean. However, it does not mean that you also tested hostname. If the IP address belongs to a hostname on Providers, it is possible classified as Bot by your manual examination.
- Sensitive Protected : The IP addresses has entered at least once. Script has tested and it is clean. And the provider is also confirmed as ISP by your manual exmination. Therefore, if you choose this option, the feed gets most trusted IP addresses but may get very a few clicks.
Back to Original Question