Listing 2: Pseudocode for Checking an Address Against Banned or Known Good Addresses

// Check banned IP addresses only.

// Get the incoming IP by using code such as:
// "$ip = getenv("REMOTE_ADDR");"

// Check the IP against a CSV/data file or database containing banned IPs:
// Open file, search against matching first two octets for banned
// (Asian, Latin American) IP blocks.
// Or, more acceptably, "good" IP list from which people have been validated. 

// If there's a match against the banned list, then issue custom error code 4xx 
// explaining the situation and reason for denial.

// If compare against "good" IP list doesn't match, display a page containing 
// questions that only the user knows the answers to (e.g., "What
// high school did you go to?" "What is your great uncle's nickname?")

// If secondary two-factor authentication is ok, then add incoming IP to "good" list.

// Start session for incoming IP with regular logon ID and password.