Airport Extreme Website block..

If you replace you AEBS, yes, the problem will temporarily go away since your ISP associates your connections' IP address with the MAC address of your AEBS. Replace it and you'll get a new IP address. However, it is still possible for the same thing to happen again unless you contact your hosting company.

No, that isn't the same problem. What you are describing is a case in which the DNS server that your AEBS is using can't resolve the IP address of the sites you are trying to visit. By you manually placing those entries into your hosts file, you are bypassing DNS and pointing the domain name straight to the server's IP. In the cases described here, it isn't a matter of you not being able to resolve the IP address from the DNS. Rather, it is a matter of the server that you are attempting to connect to blocking you at the firewall level due to the server running an overly agressive firewall. You can resolve it, but you can't actually get to it. In your case, you can get to it, you just can't resolve it.

Ah, I guess I misunderstood the issue. Was just trying to help.

The blocked IP at he server side isn't the only issue here.

I have the same problem: through the AE I cannot access Facebook, for any device. Worked for years, suddenly stopped working from wireless devices. From wired devices I can access it, no problem. My AE is in bridged mode, with a Cisco cable modem doing DHCP and NAT. This is the same for wired and wireless devices. One of the machines has both wired and wireless connections: if I access Facebook over wired it works, if I access over wireless it doesn't. Checked externally visible IP address: identical for wired and wireless.

Traceroute shows the first few hops being identical for wired and wireless, then wireless goes off into the void.

I've been doing IP networking for over thirty years, and I am completely baffled by this. After my packets leave the cable modem they should be identical.

Could the AE be using IP source routing? Could it be an MTU issue? AE reacting badly to some ICMP message that other devices don't care about?

I am at my wits end. If anyone has a lead: please share it.

Dump AE. I have tried twice to use it and the problem returned. Put my Linksys back in and it works perfectly. I am convinced there is something fluky (Apple gremlins) in AE. I now have it as an alternate wireless router connected in to my Linksys so I can access the connected hard drives (and can still connect through wireless, but there is no reason to).

I have the same issue with TC.

I am so thankful for this thread! For the first time in weeks I feel like I'm getting closer to a solution. Tezgno, I called my ISP (Cox) and they said my IP address is renewed every 24 hours. So it seems it's not a static IP address, but every IP address I'm using (from my home network) in attempt to access a specific website (in this case a learning platform for an online class I'm taking). I've done every Tier 1 and 2 support suggestion under the sun, including installing a new router and modem last night. Regained access for an hour, then was blocked again. Before I contact support at the site hosting provider, is there anything aside from your lengthy issue and resolution description I need to tell them given my IP address is seemingly dynamic? THANK YOU! THANK YOU!

I have the same problem too. Only one website domain is blocked by AE using AE only. This is so frustrating. What is it! a software or hardware problem??? I think software.... The only thing I did before it happened was update firmware. Could this have anything to do with a firmware bug? What’s weird is I am reading over and over people replacing AE with a new one and the same problem happens again after "a while" but not right away. What or who is responsible for this. It’s really suspicious that it's a software virus or ISP is blocking the AE from working.

continue....Maybe the hosting provider of the domain is blocking some kind of address the AE uses to show the domain. It's not just one page that is blocked, the whole domain is blocked. This is happing to people that own the domain and/or using the site daily for work. I can't even use the FTP for the domain using AE to get to the sites file system. I have to take the ethernet cable out of AE and go direct to modem to work on the site (hardwire). This is very strange. No one has an answer or fix yet. Maybe Apple's next AE update will fix it? My suspicion is it's the hosting blocking AE, ISP blocking AE, a very bad bug or worse a virus that the computers are pushing on the AE to stop the Domain address from working. I don't know

I've contacted my hosting again and they insist they have not blocked me and something is wrong with my AE. I don't think they really checked and are assuming or could not check deep enough. Some hosting services are 3rd parties and can only do so much. I pasted Tezgno info and sent it to my hosting service. This is the 3rd time I am contacting them to unblock me. It's very frustrating that we pay for a service that has blocked us out. It's crazy! We'll see what they say this time.

Who is your webhost?

My problems were with Bluehost. It took multiple phone calls and extensive emails, including copy-pasting Tezgno's entire dissertation on the subject, to get it escalated to senior support (the front-line staff can't see the deep-server block) to have it lifted.

Now one of my clients (Murphy's Law, it's my biggest one) won't accept emails through any account (different IP addresses) from Bluehost. At all. They get screened in a pre-server filter by a third party, so their own servers don't even show the emails as being blocked at their in-house level.

Driving me crazy. Nothing to do with AE.

It's not AE. People are having this problem with many different brands of routers. But good luck with your Linksys. Maybe you'll buy a longer stretch of time before it becomes a problem again.

I think it has more to do with the budget webhosts/servers so many of us are attracted to.

I'm about to make a substantial change from Bluehost to a Canadian-based webhost that has an office in town and is working hard to build a strong reputation for first-rate service. Costs more cash, but hopefully a lot less time and frustration for both myself and my clients.

I have webhost issues now regardless of what device or internet access type I use (3G, LTE, wifi anywhere, Windows computer, Mac computer, iPad, iPhone 4, iPhone 5S)...

Good luck.

ea/

Well if it is "not AE", then AE is a major contributor. I have done many tests where I put AE back and within a week I get the problem. NEVER have I had the problem with my Linksys... just saying.

Please point me to the ongoing similar issues people are having with other brands...

Thanks Yeehaw..... I use Websitesource, I heard back from them at 12am and this is what they said:

"Hello

I was able to find something in the handling for ip **.***.***.** that may have caused or contributed to your issue. Please check again and reply to this ticket if the issue persists."

HIP HIP HURRAY!!!!! They finally fixed it!!!!!!

Thank you Tezgno for your full report on this. I was able to paste the report to them and finally they looked for my ip in the system and found it being blocked.

I can confirm that this problem everyone is having is indeed the hosting service causing the problem. No matter what they're saying... don't give up. If they say it's not them ask to speak with a supervisor until someone listens and checks the right place. Paste Tezgno's report to them:

Tezgno

For those of you who are having this problem, I thought that I would chime in explain what is going on here. First, and foremost, I'm a network engineer who has seen this issue countless times and, surprisingly, the problem is not what a lot of people think it is (although it may seem like it is the case). I'll try to explain this in laymans terms.

First, the issue isn't necessarily the AEBS, although it is apart of the problem. What is actually happening here is that you are being blocked by the site, not the other way around. Specifically, your IP address is being "banned" by the site in question (in some cases, temporarily, in others, more permanently). Issues like these are hard to diagnose because most people troubleshoot the issue by unplugging their router, plugging their computer straight into the modem, and then realizing that the issue is gone. Likewise, many people take their routers (in this case, AEBS) to Apple, plug it in, and it starts to work as well. So, let's break this into two parts and address the problem first and why it is happening.

The Problem:

As stated above, the issue is happening because of your IP address being banned by the site you are trying to visit. The reason why you are being banned is a combination of a couple of things on both the sites' side and your side, creating a "perfect storm" if you will. From the sites side of the house, around 2008, many linux-based servers started receiving updates that included security products that would detect rapid or repeated connection attempts (products such as fail2ban and csf). When these security products detect rapid connection attempts or repeated failures, they either temporarily or permanently ban the IP address in question. By the end of 2009, many popular web hosting services and control panel companies included these products as well (control panel companies such as CPanel). The problem is that many people do not know that these products are installed on their servers, let alone that they are running (larger entities do, but the smaller shops and individual site owners rarely do). From the user side of the house, around 2008, many browsers started to include HTML5 capabilities through optional software (such as Google Gears). By 2009, most browsers in some way, shape, or form, started to support HTML5 with its ability to do intelligent caching and DB storage in the browser itself. And, this is where we have the problem. Modern day browsers, in an attempt to make our browsing experience better, tend to open multiple connections to servers so that we can browse the site. For sites that have multimedia, photos, tons of links, etc, (such as blogs, video or photo sharing sites, etc) this results in your browser opening hundreds of connections at once. The problem with this is that if the server you are accessing has systems such as csf installed and you attempt to open a ton of threads to the page, the result is that the software mistakenly thinks that you are a security problem and bans your IP address from accessing the site. For most software (such as CSF), the ban is temporary, but increases in time the more you are banned. For other software, the ban could be permanent.

Why Changing Routers or Plugging in Directly Works:

The reason why changing routers, plugging in your computer directly to your modem, or even taking in your router back to Apple works is because the minute you do any of those things, your IP address changes. This is because most ISPs link the IP address that you are given to your MAC address. Once the MAC address changes (you changing routers, plugging in directly, etc), your ISP will give you a new IP address. When you plug back in your original router, your ISP will return the IP address that you previously had (in most cases. Sometimes, it will give you a completely new address again).

Why this issue is more common with the AEBS than other routers:

In general, this issue is more common with the AEBS (along with cheaper routers) is because the AEBS (along with cheaper routers) generally do not contain QoS (quality of service) controls. Now, for those of you who are technical, you may note that QoS's purpose isn't about preventing you from being banned. And, that is true. For those of you who are not technical, QoS is a process by which your internet bandwidth is regulated by your router so that higher priority items (such as a VoIP phone or a video game) can have more bandwidth available to them when multiple devices are trying to access the Internet at the same time. The reasons why routers with QoS do not experience this issue as often (if ever) is because one of the things that they do is rate and thread limiting. Because your throughput rate and threads are distributed more evenly (rather than a free for all), chances are you will not experience the issue since products like csf work by detecting uneven or rapid connections.

Conclusion:

So, in conclusion, 99% of the time, you are being blocked on the other end. To solve the issue, you generally will have to contact the site owner to have your IP address unblocked. If you are using AEBS, the best thing to do would be to disconnect your AEBS from your internet connection for 24 hours and then plug it back in (most ISPs will assign you a new IP if you are offline for 24 hours or more). Also, try to limit the number of tabs that you open to the same site. If you are being blocked by your own site (and, your site uses CPanel, which it likely does), go into your CPanel settings (WHM settings) (from another connection, of course), go to CSF, remove the ban on your IP address, and add it to the exclusion list.

I found the problem for me to be IPv6 was getting a wan address, DNS and set to auto; so I changed it to "local link only" and that fixed it.