APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Web site IP filtering

© November 2005 Anthony Lawrence

We've talked here before about filtering IP traffic by source for mail servers. The idea is that if you are not expecting email from Korea or wherever, blocking any such mail simply cuts down on any other security and spam processing necessary. For some people, it's a simple solution that can cut down unwanted email significantly, but of course it does so at the risk of also blocking legitimate email.

The same idea can be applied to ssh with perhaps less risk of stopping desirable traffic. If you know that you'll always be accessing a site only from addresses in a certain country, you again can save the trouble of further processing on access attempts that come from other places. We've had some arguments about the value of such filtering but I still believe it can be valuable in some circumstances.

Web sites also may have reasons to block or filter traffic. There's an Apache blacklist module that lets you do just that. Normally that is used to block traffic to specific ip's that have already exhibited unfriendly behavior rather than prejudging the traffic based on its country of origin. I wouldn't expect there to be much interest in blocking web traffic on such criteria. but apparently at least one company thinks otherwise: https://www.trafficcleaner.com/ does exactly that and is currently (November 2005) offering the service free to beta testers.

I can't imagine too many web sites that would filter traffic by country, but I'm sure some exist. If you are selling a product that can only be used in a certain country or if you aren't willing to accept payment from outside your own country, this might make perfect sense: why waste the bandwidth and open yourself to possible attacks? This also offers the ability to redirect traffic to different pages, which could be useful if you had different offerings for different countries such as translations, or alternate product pages for an ecommerce site. As you would probably guess, this is simply Javascript code that picks up the remote address, looks it up in a database, and acts accordingly. Nothing particularly difficult there.

This type of filtering could be very frustrating for a person who happened to be traveling in a foreign country but wanted to access a site they normally access at home. Being blocked or redirected to alternate pages could be quite maddening and upsetting. This particular product uses a cookie which would allow them (assuming they were still using their "home" computer), but I can still envision circumstances where this could be very annoying.

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> Web site IP filtering

Inexpensive and informative Apple related e-books:

Take Control of Apple Mail, Third Edition

Take Control of the Mac Command Line with Terminal, Second Edition

Digital Sharing Crash Course

Photos for Mac: A Take Control Crash Course

iOS 8: A Take Control Crash Course

More Articles by © Anthony Lawrence

Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

Printer Friendly Version

After establishing competence and ability, your customer wants to know that you are honest and that you care about their needs. Sell that, because that's what they really want to buy. (Tony Lawrence)

Linux posts

Troubleshooting posts

This post tagged:


Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode