Jump to content

Someone asking my public IP address


hamadahmadpak
 Share

Recommended Posts

Hello everyone!
There is a client who shared a website link. When I opened that website there was a 403 Forbidden error that was preventing me from approaching that site. Even after clearing the cache, it didn’t open. I even tried to open that on another device, another browser with another login info but the same error is shown. Then he asked me to share my pubic IP address with him. I want to ask is this safe to share my public IP address with someone or not?
Have a good day:)

  • Like 2
Link to comment
Share on other sites

Than they can unblock location without him sharing IP

Its doubtful they are going to do this. If someone has blocked a location they have done it for a reason, either business or security. Doing it this way is best practice and the customer may not even know how to unblock by region or may not be able to. There are a lot of custom CMS, especially for realtors, that will do this and the customers have very limited instructions on how to do this & may have to contact their own support who will tell them what they can and cannot do.

  • Like 2
Link to comment
Share on other sites

Hello everyone!

There is a client who shared a website link. When I opened that website there was a 403 Forbidden error that was preventing me from approaching that site. Even after clearing the cache, it didn’t open. I even tried to open that on another device, another browser with another login info but the same error is shown. Then he asked me to share my pubic IP address with him. I want to ask is this safe to share my public IP address with someone or not?

Have a good day:)

there was a 403 Forbidden error that was preventing me from approaching that site.

I don’t know why you are blocked from a site after he gives you the link to it but this is not someone you want to deal with probably.

Already there is this problem which is very unusual.

And I don’t think you should be giving out your IP to random strangers on the internet with blocked websites.

  • Like 2
Link to comment
Share on other sites

Its doubtful they are going to do this. If someone has blocked a location they have done it for a reason, either business or security. Doing it this way is best practice and the customer may not even know how to unblock by region or may not be able to. There are a lot of custom CMS, especially for realtors, that will do this and the customers have very limited instructions on how to do this & may have to contact their own support who will tell them what they can and cannot do.

I’m highly skeptical that it’s a firewall thing because that would mean the domain wouldn’t open at all – that page or any page under that domain – but it is opening: it’s a 403 page, which is a page within a website.

Also, it’s not a good practice to blacklist an entire country from your website. It’s much better to blacklist problematic IPs with a tool like Wordfence. I’d be careful with someone who sees fit to blacklist an entire country.

  • Like 2
Link to comment
Share on other sites

I’m highly skeptical that it’s a firewall thing because that would mean the domain wouldn’t open at all – that page or any page under that domain – but it is opening: it’s a 403 page, which is a page within a website.

Also, it’s not a good practice to blacklist an entire country from your website. It’s much better to blacklist problematic IPs with a tool like Wordfence. I’d be careful with someone who sees fit to blacklist an entire country.

I’m highly skeptical that it’s a firewall thing because that would mean the domain wouldn’t open at all – that page or any page under that domain

I am too. With your physical IP address people can ping your device to see when you are online and use easily available port scanning software to scan your system for vulnerabilities.

After that, your device becomes easy to trace and target with all kinds of attacks.

  • Like 2
Link to comment
Share on other sites

I’m highly skeptical that it’s a firewall thing because that would mean the domain wouldn’t open at all – that page or any page under that domain

I am too. With your physical IP address people can ping your device to see when you are online and use easily available port scanning software to scan your system for vulnerabilities.

After that, your device becomes easy to trace and target with all kinds of attacks.

Right?! This is so fishy.

If a 403 page is opening, that means the domain is opening. A 403 page is a page within the website. If there was a firewall blocking it, the domain wouldn’t open at all. It would be an error page.

And even if this wasn’t fishy, it’s a massive hassle and no buyer who would expect that kind of thing would be nice to work with.

  • Like 2
Link to comment
Share on other sites

Right?! This is so fishy.

If a 403 page is opening, that means the domain is opening. A 403 page is a page within the website. If there was a firewall blocking it, the domain wouldn’t open at all. It would be an error page.

And even if this wasn’t fishy, it’s a massive hassle and no buyer who would expect that kind of thing would be nice to work with.

Yeah, there is no reason why any exchange of information like this is even necessary.

I have also fallen victim to a very well orchestrated hack attempt myself of Fiverr and I’m quite security aware. None of this makes sense. Possibly the buyer is an amateur web developer and doesn’t realize that their site is not publicly viewable. However, that is their problem, not the problem of the seller.

  • Like 2
Link to comment
Share on other sites

Yeah, there is no reason why any exchange of information like this is even necessary.

I have also fallen victim to a very well orchestrated hack attempt myself of Fiverr and I’m quite security aware. None of this makes sense. Possibly the buyer is an amateur web developer and doesn’t realize that their site is not publicly viewable. However, that is their problem, not the problem of the seller.

I was thinking that, too. Maybe he doesn’t know about more security-effective blacklist methods. In any case a 403 definitely can’t mean a firewall is blocking it. Maybe he’s assuming it does.

But yeah, not worth the risk, in any case.

  • Like 2
Link to comment
Share on other sites

It’s a public IP address. Once you accessed their website they would have it anyway. A 403 page is an error page that simply states you’re not authorized to access that page. As said above they most likely just want to whitelist your IP, but you could always confirm with them.

That would be the equivalent to someone giving you an address, and asking your name to let their reception know that you’re allowed inside. Once you get there, they will ask your name, check against the list, and if your name is there you’d be authorized entry.

I don’t know if you can still get that order, nor I can tell you what to do, but if I were in your position I’d given my IP address without a single worry in the world.

  • Like 2
Link to comment
Share on other sites

I’m highly skeptical that it’s a firewall thing because that would mean the domain wouldn’t open at all – that page or any page under that domain – but it is opening: it’s a 403 page, which is a page within a website.

Also, it’s not a good practice to blacklist an entire country from your website. It’s much better to blacklist problematic IPs with a tool like Wordfence. I’d be careful with someone who sees fit to blacklist an entire country.

@ urdeke has said all im going say. im not going to waste any more time on this. you dont need to share anything. its a PUBLIC IP address. the site owner has this already

Link to comment
Share on other sites

@ urdeke has said all im going say. im not going to waste any more time on this. you dont need to share anything. its a PUBLIC IP address. the site owner has this already

With all due respect, you are not looking at the big picture. The OP does not sell any kind of web design or development service. They are also a new seller (having no reviews), and this is not a standard request.

Pretty much every cyber attack these days takes the form of a social engineering attack. First it will be a request for a users IP. Then when a seller provides this information, there will be another request for more sensitive information — or an invite to use TeamViewer, etc.

No one thwarts a social engineering attack by first placing blind trust in a random person online who wants access to any kind of information that they have no reasonable need of.

Nowhere does this seller say that they will work directly on a website for any reason in any of their gigs. If the buyer does need to whitelist an IP, they will also be able to see on their end which recent visits to their site have resulted in visitors being directed to a 403 error page.

This whole situation is fishy and in my opinion, there are already enough red flags to deter most sellers working with this buyer.

  • Like 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...