IP Blocking
Enable SIP proxy IP blocking to protect your server from brute-force attacks and repeated unauthorized registration attempts.
Once activated, the system monitors failed SIP authentications and blocks suspicious IPs. You can review blocked and trusted IPs and control which ones can access your server.
SIP proxy protection setup
Go to Settings → General → IP Blocking tab.
Tick the SIP proxy checkbox.
Click Confirm to apply the setting.
This enables SIP proxy protection on ports 5060 (UDP, TCP) and 5061 (TCP).
Blocking logic and thresholds
By default, an IP address is blocked if it performs 14 failed attempts within 1 hour.
These thresholds can be configured when setting up the server:
Variable | Purpose | Default |
|---|---|---|
| Maximum number of failed attempts | 14 |
| Time window for attempts (in seconds) | 3600 |
| Duration of the ban (in seconds) | configurable |
Monitoring blocked IPs
As a Server administrator, you can view all blocked IPs across the server — including those triggered by failed attempts to access other users’ SIP accounts.
Blocked IPs appear in the List of blocked IPs. Click the ↪️ icon to refresh the list and load the most recent entries:
Service name (e.g. SIP proxy);
IP address;
Cause (e.g.
Auth failed);Additional info (e.g. attempted SIP URI);
Timestamp of the block.
To unblock addresses, you can either click Unblock all or remove individual entries using the 🔓 icon in the corresponding row.
Adding trusted IPs to the Whitelist
For some IP addresses, blocking rules can be ignored. You can add trusted IPs that will not be blocked — even after failed authentication attempts:
Scroll down to the Whitelist block.
Click Add IP address.
Select the SIP proxy service.
Enter the IP address you want to trust.
Click Confirm to save the changes.
Whitelisting is global — it applies across all accounts and devices.
Whitelisted IPs are listed below and can be removed via the 🗑️ icon:
