-3

This is part of an ongoing issue that I am having with my internet provider (CenturyLink) but the issue exists for other users on other providers.

Essentially when hitting a website (for instance: http://tsa.gov) I receive an error that appears to be generated by a security provider protecting that website (based on my research perhaps Akamai?: https://community.akamai.com/thread/4465-ip-reputation-clean-up, could also be CloudFlare or something like that?)

Access Denied You don't have permission to access "http://www.tsa.gov/" "http://www.macys.com/" "http://www.abercrombie.com" on this server. Reference #

Per the above my current assumption is that someone was using the public IP Address that is now assigned to my network by my ISP (CenturyLink) for dubious purposes. Perhaps another customer was hacked and their devices were utilized in a DDOS attack, or they were web-scraping, or spamming, or all of the above.

I get the above error on perhaps 20% of all websites with ALL devices when connected through my local wifi connection.

Primarily I am adding this question so that anyone who runs into the problem in the future is more likely to move through the process quickly than I was.

Some details pertaining to trouble shooting

Resetting Router Does Nothing

The first thing your ISP will tell you is to reset the router and wait a few minutes. CenturyLink uses DHCP so my router SHOULD obtain a new address which SHOULD fix the issue if that IP Address is blocked. If you haven't done this yet do this first.

My router DOES NOT obtain a new IP Address and instead re-acquires the old IP.

For me Hard Resetting / Factory Resetting the router ALSO had no effect.

Future People: You can check your IP address by typing "What's my IP Address" into google.

If you run into this issue you should check your IP (using the google trick above) every time you restart your router and keep a log of all IP Addresses that have been assigned to you along with the time delay that you waited in between turning off / turning on your router.

CenturyLink DOES NOT have a log of the IP Addresses that your account has been assigned, in order to tell whether you are getting a new IP Address YOU will need to keep a log of IPs. By logging this information yourself you can 'prove' to them that you are incorrectly receiving the same IP Address after power cycling your router.

Multiple Device Operating Systems

My devices are each of the following: MacOS (Macs), Android Phone + Tablet, iOS Phones, Windows PC. Every device exhibits the same behavior, therefore it is incredibly unlikely to be a virus issue (it's hard for one virus to effect many different devices on many different OSes). Also unlikely because...

Different Connections Work Fine

Each of those same devices works perfect when connecting to the same websites through a different internet connection. Ie. I can use a wifi hotspot with my phone through my computer, or connect directly from my tablet etc with no problem so long as I am not using my local CenturyLink DSL connection.

I will update or add an answer as soon as I have one.

Community
  • 1
  • 1
Necevil
  • 2,802
  • 5
  • 25
  • 42

1 Answers1

1

So after a LONG time on the phone the collaborative team of CenturyLink techs and I decided the best option was to get a new modem / router of a different brand / model number from the one I currently have.

Here's some more information for future users trouble-shooting a similar issue.

Sites that are Un-Reachable are Up and Live for Everyone else

This will get asked A LOT. The sites you are trying to reach ARE Reachable from other devices on other networks, or the same devices on other networks.

It is NOT a virus

The key to explaining this one away (it will also get asked a lot) is mentioning the many different devices / operating systems that all have the same problem, and that each of those devices works properly when connected to a Non-CenturyLink network.

Q: What are the Odds that a group of hackers developed a virus that infects every known opperating system and targets only 20% off websites ONLY when hosted on CenturyLink?

A: Zero.

".... but I can Ping the site from your Router"

You will probably get that once or twice. This doesn't matter since the servers are actually returning a response. The problem is that the response IS NOT the website, the server responding to the ping is the same server delivering the "Access Denied" message.

Since the server is responding, and you are able to connect, Ping works fine even though the server isn't returning the page you requested.

Firmware Update Doesn't Help Acquire a new IP Address

Even after updating the firmware on our router we were still unable to acquire a new IP Address from DHCP. I assume there is a way that CenturyLink could take that IP Address out of the pool, but my guess is they have MANY IPs that are blacklisted by Akamai among others so they just rely on the dynamic nature of DHCP assigned IPs to solve this problem for them when it occurs.

Of course that doesn't work if your router for whatever reason is not Dynamically assigned an IP Address as it should be.

New Router? That will be $22 Shipping

Yeah... nah. They will ask you to pay $22 shipping on the new router to replace the one that you just spent all of this time trying to help them fix.

If you went through as much BS as I did to get the thing working don't stand for that, respectfully let them know that you don't think that is fair. My rep was able to waive that fee.

Community
  • 1
  • 1
Necevil
  • 2,802
  • 5
  • 25
  • 42