OrbVPNOrbVPN
TutorialsTroubleshootServicesAPIBusinessBlogDashboard

Add To Blacklist API

Block IP addresses by adding them to the blacklist for security protection

Security

Add To Blacklist API

Block malicious or unwanted IP addresses. Blacklisted IPs are denied access to all VPN services and API endpoints.

Remove from Blacklist

Block Threats

Deny access to malicious IPs.

Protect Service

Prevent abuse and attacks.

Immediate Effect

Blocking takes effect instantly.

Endpoint Overview

MUTATION/graphql

Add an IP address or range to the system blacklist. Blacklisted IPs are immediately blocked from accessing VPN services.

Authentication:Bearer Token
Required scopes:admin

Request Parameters

ipString!Required

The IP address or CIDR range to blacklist (e.g., "192.168.1.1" or "192.168.1.0/24").

reasonString

Reason for blacklisting (for audit purposes).

expiresAtDateTime

Optional expiration for temporary blocks.

GraphQL Mutation

mutation addToBlacklist($ip: String!, $reason: String) {
  addToBlacklist(ip: $ip, reason: $reason) {
    id
    ip
    reason
    createdAt
    expiresAt
  }
}

Variables:

{
  "ip": "198.51.100.100",
  "reason": "Detected brute force attack attempts"
}

HTTP Request:

curl -X POST https://api.orbnet.com/graphql \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_ADMIN_TOKEN" \
  -d '{
    "query": "mutation addToBlacklist($ip: String!, $reason: String) { addToBlacklist(ip: $ip, reason: $reason) { id ip reason } }",
    "variables": {
      "ip": "198.51.100.100",
      "reason": "Brute force attack"
    }
  }'

Response

200IP Blacklisted Successfully
{
  "data": {
    "addToBlacklist": {
      "id": "bl_456",
      "ip": "198.51.100.100",
      "reason": "Detected brute force attack attempts",
      "createdAt": "2024-01-15T10:30:00Z",
      "expiresAt": null
    }
  }
}
400IP Already Blacklisted
{
  "errors": [
    {
      "message": "IP is already blacklisted",
      "path": ["addToBlacklist"],
      "extensions": {
        "code": "ALREADY_BLACKLISTED"
      }
    }
  ],
  "data": null
}

Reasons to Blacklist

Brute Force

Multiple failed authentication attempts.

DDoS Source

Participating in denial of service attacks.

Abuse Reports

Reported for ToS violations.

Known Bad Actor

Listed in threat intelligence feeds.

Best Practices

Document Reason

Always record why IP was blacklisted.

Be Specific

Block specific IPs over large ranges.

Set Expiration

Use temporary blocks when appropriate.

Review Regularly

Audit blacklist for false positives.

Related Endpoints

MUTATIONRemove from Blacklist

Unblock IPs

QUERYGet Blacklisted IPs

View blocked IPs

MUTATIONAdd to Whitelist

Allow trusted IPs

QUERYGet Whitelisted IPs

View allowed IPs

Careful Review

Blacklisting blocks all access. Verify the IP is genuinely malicious to avoid blocking legitimate users.

View Blacklist

Review currently blocked IPs to manage your security rules.

Get Blacklisted IPs

Remove From Whitelist API

Previous Page

Remove From Blacklist API

Next Page

On this page

Endpoint Overview
Request Parameters
GraphQL Mutation
Response
Reasons to Blacklist
Best Practices
Related Endpoints