ISM-1171 ASD Information Security Manual (ISM)

Block Direct IP Access to Websites

Web filters prevent website access if using an IP address instead of a domain name.

Preventative Non-classified OFFICIAL: Sensitive PROTECTED SECRET TOP SECRET ASD Information Security Manual Guidelines for gateways Web filtering Internet access

🏛️ Framework

ASD Information Security Manual (ISM)

🧭 Control effect

Preventative

🔐 Classifications

NC, OS, P, S, TS

🗓️ ISM last updated

Feb 2022

✏️ Control Stack last updated

22 Feb 2026

🎯 E8 maturity levels

N/A

Guideline

Guidelines for gateways

Section

Web content filters

Topic

Allowing and Blocking Access to Domain Names

Official control statement

Attempts to access websites through their IP addresses instead of their domain names are blocked by web content filters.

Source: ASD Information Security Manual (ISM)

Plain language

This control means stopping people from visiting websites using IP addresses instead of the usual website names. It's important because some bad actors try to bypass security filters by using these numerical addresses directly, which could lead to data theft or malware infections.

Why it matters

By blocking direct IP access, organisations prevent attackers from bypassing DNS-based content filters, reducing exposure to phishing and malware sites.

Operational notes

Keep web filter rules current; ensure IP-based URL requests are blocked, logged, and reviewed so attempts to bypass domain filtering are detected.

Implementation tips

IT teams should set up web content filtering tools. Choose a reliable web filtering service that specifically blocks direct IP address usage and configure it to treat attempts to access websites by IP as red flags.
System administrators should carry out regular tests. Use sample IP addresses of known websites to ensure that attempts to access them directly are indeed blocked by the filtering system.
Business managers should work with the IT team to ensure blocked access policies are communicated effectively. Clearly inform all staff that accessing websites using IP addresses is against company policy and part of the security measures.
HR should include training on secure browsing habits. Implement regular training sessions that explain the risks of navigating to sites using IP addresses and educate staff on the filtering mechanisms in place.
Procurement teams should ensure that any new web filtering software purchased supports IP blocking. When evaluating new systems, confirm they offer robust IP filtering and request demonstrations from vendors.

Audit / evidence tips

Ask: proof of the web content filter settings: Request screen captures or reports from the web filter administration interface

Good: Clear evidence showing a configured rule that blocks IP-based web access
Ask: recent log reports of blocked IP access attempts: These should be logs generated by the web filtering system

Good: is a detailed log with timestamps, source IPs, and actions taken
Ask: documentation or memo on policy communication: Request the internal memo or policy document circulated to staff regarding web access rules

Good: includes a formally distributed document with a clear explanation of the rules
Ask: training records: Request records or sign-in sheets from training sessions conducted about the control

Good: is a dated record showing attendees and training outlines
Ask: vendor evaluation documents: Request the criteria or checklists used when purchasing web filtering solutions

Good: includes detailed evaluations that explicitly mention IP blocking capabilities

Cross-framework mappings

How ISM-1171 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.

ISO 27001

Control	Notes	Details
Partially meets (1)
Annex A 8.23	ISM-1171 requires web content filters to block attempts to access websites via direct IP address rather than by domain name