Blocked because of IPS attack

Question

When I browse to a website it shows me an error message like

Blocked because of IPS attack    
An attack was detected, originating from your system. 
Please contact the system administrator.

The error appears in all browsers.

I have reset the internet explorer settings and I restarted the PC. But I still getting same message.

The error comes in PC which are in same network using same internet connection.But it is not a problem with website because in some other pc in different network website opens properly. How can I solve it?

score 3 · Answer 1 · edited Mar 20 '17 at 10:16

3

Your computer is probably infected with malware which is being detected by an IPS. You should scan your computer for malware and viruses.

Run a complete virus scan. I assume you have an antivirus program installed, if not GET ONE!
Also check for other malware, for example using this.
There is a very good thread on SU on how o clean your machine, I recommend you read it.

edited Mar 20 '17 at 10:16

Community

1

answered Mar 19 '13 at 12:55

terdon

54,564

Coyote · Answer 2 · 2013-09-11T17:16:18.937

This appears because the server you are accessing is configured to prevent too many accesses within certain time periods. i.e. no more than 5 hits in 10 seconds and no more than 30 hits in 300 seconds.

If the IPS is "simple" it will be quite efficient at generating false positives and blacklisting legitimate users. The most common occurrences are when multiple users accessing the site from one IP address, through home connection with NAT.

Extract from a Fortinet router config file :

config system replacemsg nac-quar "nac-quar-ips"
    set buffer "<html><head><title>Attack Detected</title></head><body><font size=2><table width=\"100%\"><tr><td bgcolor=#3300cc align=\"center\" colspan=2><font color=#ffffff><b>Blocked because of IPS attack</b></font></td></tr></table><br><br>An attack was detected, originating from your system. Please contact the system administrator.<br><br><hr></font></body></html>"
    set header http
    set format html
end

Most times such messages originate from false positives. Sometimes the addition of AJAX calls on a website increase such false positives due to increased page requests.

score 0 · Answer 3 · answered Jan 02 '14 at 09:21

0

This is due to IP blacklist check whether your IP is blacklisted or not ,another reason is the site is not avilable in your region and the site owner is not allowing your country and they simple block the IP

answered Jan 02 '14 at 09:21

jacob justin

29

Blocked because of IPS attack

3 Answers3