Trying to access my bank with Firefox browser. Getting "Access Denied - Sucuri Website Firewall". Lists my IP address and the URL I'm trying to access and says "Block reason: Your IP address is listed on our blacklist and blocked from completing this request." I contacted the bank IT and they said they do not block any IP addresses. I connected my laptop directly to my Cox modem and got a different IP address and that was able to access the site. But when I reconnected my router I got the same IP from Cox as before and got blocked. As near as I can determine sucuri is some kind of web server firewall software. it appears one Cox IP is blocked by it but others are not. But the bank isn't running it on their servers. Can there be an intermediate server between Cox and the bank that is blocking it? How would we determine what that is and get it unblocked> Can Cox get it unblocked? How do we know what server is blocking it?

Nighthawk AC1900 Model 7000 See here for instructions on changing the MAC address. A MAC address is a unique hexadecimal number that all network devices have. Think of them as finger marks for computers. Your router has one and the network card in your computer has another. Cox and most cable broadband ISP use something called DHCP that gives out IP addresses automatically based on their MAC address. Different MAC means different IP. That is why you got a different IP when connecting direct to the modem. That is also why you can clone your routers MAC to your PC's MAC to get the same IP, or at least different then the one cached to the router. However I would like to state this is a work around solution. Without knowing what triggered the first black list there is no knowing how long this will work. It's DHCP which changes the IP address perhaps every 24 hours(usually not though) so you might eventually get the same blocked IP again.

I actually follow most of that but I didn't realize the relationship between the MAC address and the IP, although it makes sense now that I realize I got another IP when I replaced the router connection with my computer . I understand this is just a work around. I'll try it for testing purposes and get back to the bank to see if they can do anything. Not sure if they'll be able to help or not but I'll try. I do need to update the router firmware; haven't logged in to the router as an admin for quite sometime. I'll post again once I try everything out and let you know what happens. Thank you for all the input. I'm still a novice but glad to learn a little more each day.

I was able to login to my router and update the firmware. Good idea! Long overdue in my case. I had some difficulties with the MAC cloning, although your instructions were right on target. I saw exactly what you indicated when I was logged into the router but I think I didn't reboot something properly. But no matter, since as you say it really is a work around. The IP I got originally should work but the bank is blocking it for reasons unknown. So, I ran a tracert while on the router and got blocked and then plugged my laptop directly to the modem, getting a new IP, and ran the tracert again, which did not get blocked. I sent that info to the bank so they could see it is their server (or more likely their web vendors server) that is doing the blocking. I'll follow up with them next week. I can't believe I'm the only one who has ever had this problem and they should learn how to fix it.

The result - the bank corrected the problem. I spoke with a guy at their local tech operation and he figured it out after speaking to many people. Sounds like it was a real learning experience. Coming from the IT industry I can understand how hard it is to track these things down. Turns out the vendor who handles their web servers implemented some new security and didn't tell anyone, you know because it's a "transparent change", my words not his. Kudos to the Country Bank tech staff for persevering and getting to the bottom of the problem.

Can Cox get it unblocked? No, this isn't a Cox issue, is is a bank issue. A blacklist isn't something that happens randomly. There must be a reason why they blocked you. Seems Sucuri triggers when it detects malware or DDoS attacks. Changing the IP only hides the problem. Are you sure it was the bank's IT and not just a support rep? I suggest contacting them again. With that said, you can probably get around the problem with MAC cloning on the router. What model router is it? If it triggers again then you know for sure there is something either on your end or their end triggering the block.

Sucuri Website Firewall Blocking Access

WiderMouthOpen
Esteemed Contributor
2 years ago
Can Cox get it unblocked?

No, this isn't a Cox issue, is is a bank issue. A blacklist isn't something that happens randomly. There must be a reason why they blocked you. Seems Sucuri triggers when it detects malware or DDoS attacks. Changing the IP only hides the problem. Are you sure it was the bank's IT and not just a support rep? I suggest contacting them again.

With that said, you can probably get around the problem with MAC cloning on the router. What model router is it? If it triggers again then you know for sure there is something either on your end or their end triggering the block.
- DavidWinter
  New Contributor II
  2 years ago
  The result - the bank corrected the problem. I spoke with a guy at their local tech operation and he figured it out after speaking to many people. Sounds like it was a real learning experience. Coming from the IT industry I can understand how hard it is to track these things down. Turns out the vendor who handles their web servers implemented some new security and didn't tell anyone, you know because it's a "transparent change", my words not his. Kudos to the Country Bank tech staff for persevering and getting to the bottom of the problem.
  - WiderMouthOpen
    Esteemed Contributor
    2 years ago
    Great to hear! I was worried their support would blow you off. It's all about finding the right representative.
    
    PS. I hope you don't mind, I suggested your reply as a answer. AFAIK answered threads don't get locked after 30 days of inactivity.
- DavidWinter
  New Contributor II
  2 years ago
  I have a Netgear Nighthawk AC1900 Model 7000 router. I'll see if I can figure out how to do MAC cloning with it. Is the theory that if I do MAC cloning I'll get a different IP address and that may work? I'm a novice with this stuff but isn't the IP address assigned to me by Cox? Do I have any control over that? If I use MAC cloning is that going to give me a different IP address?
  - WiderMouthOpen
    Esteemed Contributor
    2 years ago
    Nighthawk AC1900 Model 7000
    
    See here for instructions on changing the MAC address. A MAC address is a unique hexadecimal number that all network devices have. Think of them as finger marks for computers. Your router has one and the network card in your computer has another. Cox and most cable broadband ISP use something called DHCP that gives out IP addresses automatically based on their MAC address. Different MAC means different IP. That is why you got a different IP when connecting direct to the modem. That is also why you can clone your routers MAC to your PC's MAC to get the same IP, or at least different then the one cached to the router.
    
    However I would like to state this is a work around solution. Without knowing what triggered the first black list there is no knowing how long this will work. It's DHCP which changes the IP address perhaps every 24 hours(usually not though) so you might eventually get the same blocked IP again.

Forum Discussion

Sucuri Website Firewall Blocking Access

Related Content

Company Website Blocked

My Website is getting blocked by Cox

Blocked Emails

Personal Firewall won't stay on

block specific website addresses

Recent Discussions

Flickering? Fluctuating? speed

Internet

Help with wifi

Cut internet cable

Some devices can’t connect to my panoramic wifi gateway but some can