Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 2 subscribers
  • Views 1817 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Practicality of Country Blocking

acctech1836
With services such as Amazon AWS and similar products how can Country Blocking be used efficiently? Does anyone have any recommendations on how they have implemented this security feature into their environment? 

Have an Outstanding Day,
Chris


This thread was automatically locked due to age.
Parents
  • 0
    You won't be able to access a lot of websites if you block that much.

    At home, I don't block anything.

    At work, for our web site (we only have customers in US), I block most of Asia and Eastern (former Soviet bloc) Europe.
    This is due to the higher proportion of hostile traffic from those regions.

    Again, you must balance with what you need, ESPECIALLY since it's a 2-way block (there is a feature request regarding that).

    Barry
Reply
  • 0
    You won't be able to access a lot of websites if you block that much.

    At home, I don't block anything.

    At work, for our web site (we only have customers in US), I block most of Asia and Eastern (former Soviet bloc) Europe.
    This is due to the higher proportion of hostile traffic from those regions.

    Again, you must balance with what you need, ESPECIALLY since it's a 2-way block (there is a feature request regarding that).

    Barry
Children
  • 0 in reply to BarryG
    Thank you for the advice. I have scaled back my Country Blocking accordingly.

    Have an Outstanding Day,
    Chris
  • 0 in reply to acctech1836
    I choose which countries to block based on experience--that is, where are the constant portscans and script-kiddie attempts coming from, etc.  If a customer of mine has no need to access resources in those countries/regions, I block them.  Some customers have a requirements that force them to allow legitimate traffic fome those countries,, so that's how I configure them.