A site that I have visited for years recently underwent an “upgrade” - all of a sudden the site was unavailable to me, I ran a webpage test and I could see that the site was unavailable from New zealand, Australia, Hong Kong (and who knows where else) but was available from the US and UK for example. I contacted the site owner who was very concerned about this because they have a store on the site that ships to the countries the site is unavailable in.
The site owner is very “untechnical” and went to their host who said the following:
I just got out of a meeting with our Operation department as well as with our Chief Security Officer. Regarding your particular issue with users not being able to access your website from certain countries, we do in fact block traffic from certain countries that have high malicious activity. This is standard practice with most hosting providers as it protects customers from receiving ongoing and deliberate malicious attacks to their website. Our firewall blocks all activity from these IP addresses.
58.0.0.0 - 61.255.255.255
114.0.0.0 - 126.255.255.255
202.0.0.0 - 203.255.255.255
210.0.0.0 - 211.255.255.255
218.0.0.0 - 222.255.255.255
If the particular user can provide us their IP address, we will consider unblocking it.
Now…my ip is dynamic so what would be the point of unblocking it and what about everyone else blocked? I am currently in New Zealand which I don’t believe is a country with high malicious activity and I have never experienced this before - I think this situation is ridiculous and their site is not accessible by a significant customer base so they are loosing out because a host has made an arbitary decision that they were not aware of.
No, that’s crazy. I’d say get another host. For a web host to be blocking entire countries (and some of the more reputable ones, too) is untenable for such a service provider.
No, I don’t think it’s at all reasonable. They say it’s standard practice, but I doubt that it is.
If they are experiencing malicious activity from certain countries, then the correct approach is to improve security so that it deals with those specific threats. To impose a blanket ban on a country would be like me saying that several of my Austalian customers never pay their bills on time, so I won’t accept any business from Australia.
I would advise any website operator who has encountered this attitude to move to a different hosting company. And - very important - let companies in question know the reason for the move.
That is a completely silly way to do it and it I would definitely change host. I have been in the hosting industry for some years and hosting companies do sometimes block specific IP addresses where malicious activity is emanating from - but not entire nations. WWW stands for World Wide Web!
In the age of proxy servers, what would be the point anyway?
Thanks for the feedback. What I find amazing is that this is being done on advise from the Chief Security Officer for the host… you’d think they’d come up with a smarter way to deal with any malicious traffic.
Yes, malicious traffic comes from all parts of the globe, so before long, they won’t be serving websites to any countries … and bye bye web host. Which is not a bad thing, from the sound of it.
EDIT: with a boss like that, it wouldn’t surprise me if the employees of that hosting company are all secretly submitting their CVs to a number of job openings as we speak.