We've talked here before about filtering IP traffic by source for mail servers. The idea is that if you are not expecting
email from Korea or wherever, blocking any such mail simply cuts
down on any other security and spam processing necessary. For
some people, it's a simple solution that can cut down unwanted email
significantly, but of course it does so at the risk of also
blocking legitimate email.
The same idea can be applied to ssh
with perhaps less risk of stopping desirable traffic. If you
know that you'll always be accessing a site only from
addresses in a certain country, you again can save the trouble of
further processing on access attempts that come from other places.
We've had some arguments
about the value of such filtering but I still believe it
can be valuable in some circumstances.
Web sites also may have reasons to block or filter traffic.
There's an Apache blacklist module
that lets you do just that. Normally that is used to
block traffic to specific ip's that have already exhibited unfriendly
behavior rather than prejudging the traffic based on its country of
origin. I wouldn't expect there to be much interest in blocking
web traffic on such criteria. but apparently at least one
company thinks otherwise: http://www.trafficcleaner.com/ does exactly that and is currently (November 2005)
offering the service free to beta testers.
imagine too many web sites that would filter traffic by country,
but I'm sure some exist. If you are selling a product that
can only be used in a certain country or if you aren't willing to
accept payment from outside your own country, this might make perfect sense:
why waste the bandwidth and open yourself to possible attacks?
This also offers the ability to redirect traffic to different pages, which
could be useful if you had different offerings for different countries
such as translations, or alternate product pages for an ecommerce site.
picks up the remote address, looks it up in a database, and acts accordingly.
Nothing particularly difficult there.
This type of filtering could be very frustrating for a person
who happened to be traveling in a foreign country but wanted to access
a site they normally access at home. Being blocked or redirected
to alternate pages could be quite maddening and upsetting. This
particular product uses a cookie which would allow them
(assuming they were still using their "home" computer), but I
can still envision circumstances where this could be very
Got something to add? Send me email.
Increase ad revenue 50-250% with Ezoic
More Articles by Anthony Lawrence
Find me on Google+
© 2009-11-07 Anthony Lawrence