Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Why stop there? Just block all non-US IPs!

This is a perfectly good solution to many problems, if you are absolutely certain there is no conceivable way your service will be used from some regions.

> Surely bad actors wouldn’t use VPNs or botnets, and your customers never travel abroad?

Not a problem. Bad actors which are motivated enough to use VPNd or botnets are a different class of attacks that have different types of solutions. If you eliminate 95% of your problems with a single IP filter them you have no good argument to make against it.



This. If someone wants to target you, they will target you. What this does is remove the noise and 90%+ of crap.

Basically the same thing as changing the ssh port on a public facing server, reduce the automated crap attacks.


> if you are absolutely certain there is no conceivable way your service will be used from some regions.

This isn’t the bar you need to clear.

It’s “if you’re comfortable with people in some regions not being able to use your service.”




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: