←back to thread

Ban me at the IP level if you don't like me

(boston.conman.org)

597 points classichasclass | 1 comments | 25 Aug 25 04:23 UTC | HN request time: 0s | source

Show context

lwansbrough ◴[25 Aug 25 05:55 UTC] No.45010657[source]▶

>>45010183 (OP) #

We solved a lot of our problems by blocking all Chinese ASNs. Admittedly, not the friendliest solution, but there were so many issues originating from Chinese clients that it was easier to just ban the entire country.

It's not like we can capitalize on commerce in China anyway, so I think it's a fairly pragmatic approach.

replies(6): >>45010748 #>>45010787 #>>45010871 #>>45011590 #>>45011656 #>>45011732 #

1. adzicg ◴[25 Aug 25 08:52 UTC] No.45011732[source]▶

We solved a similar issue by blocking free user traffic from data centres (and whitelisted crawlers for SEO). This eliminated most fraudulent usage over VPNs. Commercial users can still access, but free just users get a prompt to pay.

CloudFront is fairly good at marking if someone is accessing from a data centre or a residential/commercial endpoint. It's not 100% accurate and really bad actors can still use infected residential machines to proxy traffic, but this fix was simple and reduced the problem to a negligent level.