• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net
managed wordpress hosting

Odd...

Schmarvin

Cross Industries
NLC
My firewall has blocked Majority China IPs over any other country. It's amazing. I'm think I should ban all IPs from China just to keep my server safe. Should I? It wouldn't hurt my client-base at all at the moment, considering I don't allow Chinese clients to buy/request hosting.

Please state your opinions on this. I've wanted to ban China from my server for a long time now.
 
I wouldn't recommend blocking all their IP's. It might not hurt your client base, but what about your own clients? They might have visitors from china.
 
As it stands now, majority of IPs that are coming from China have been auto-blocked by the firewall for brute-force attempts and trying to DDoS.
 
As it stands now, majority of IPs that are coming from China have been auto-blocked by the firewall for brute-force attempts and trying to DDoS.

You will see a number of reports on ips from China, however i agree with the poster above, if you ban all Chinese IP addresses this not only affects you but your clients as well. I respect you for wanting to take a proactive approach to security, but in this case i just simply would not do it..
 
Okay, just because I have no idea what you guys are talking about. How would it affect my current clients? None of my clients are from China. I do not allow Chinese clients.

So, please, someone tell me how it would affect my current clients?
 
Okay, just because I have no idea what you guys are talking about. How would it affect my current clients? None of my clients are from China. I do not allow Chinese clients.

So, please, someone tell me how it would affect my current clients?

If you have clients that do business with or have visitors from China they will no longer be able to access your clients website. I guess im saying that what you ban at the server level will be also banned at your clients level, which means no access if they in fact do have visitors from China..
 
[ih]Demetris;1096553 said:
If you have clients that do business with or have visitors from China they will no longer be able to access your clients website. I guess im saying that what you ban at the server level will be also banned at your clients level, which means no access if they in fact do have visitors from China..

None of them do. The IPs being banned currently by the firewall are trying to access my homepage directly. Not client sites.
 
None of them do. The IPs being banned currently by the firewall are trying to access my homepage directly. Not client sites.

It's simply impossible to know who your clients currently do business with or will do business with in the future. I believe its a bit short sighted to block a certain range of IP addresses, simply because they are from a certain region. If the firewall is blocking ip addresses for your site, your site is not the only one that will be affected. When the firewall blocks the site it prevents said IP address from accessing the server at all. Not just your site. If you are extremely concerned about these IP addresses i would say ban them at the site level either via cPanel, DirectAdmin etc..
 
If you ban a country through IP range, you must make sure you get the latest IP range. Most IP range are not too accruate. They dont block all the ISPs, and sometimes, they blocks the other countries aswell. If you want to save your server from the "hack attempts" use a random autogenerated password. I usually use passwords like JwViaZ8Wtummq5chey. These do not contain any special characters, just smaller and upper case letters and numbers. You can even use a special character password that you came up with like:

SchMarvin@X-Ind.com (Strength: 100) (unsafe as it is easily guessable but you get the idea)

Let your imagination run wild and come up with a random password that is just random numbers and alphabets to everyone, but has a meaning to you, like:

iCuRBsyBu7iML4zy (Strengh: 100, super safe) (well, it was before i posted it here!)

i C u R Bsy Bu7 i M L4zy
I see you are busy but i am lazy

Hope that helps :)
 
If you ban a country through IP range, you must make sure you get the latest IP range. Most IP range are not too accruate. They dont block all the ISPs, and sometimes, they blocks the other countries aswell. If you want to save your server from the "hack attempts" use a random autogenerated password. I usually use passwords like JwViaZ8Wtummq5chey. These do not contain any special characters, just smaller and upper case letters and numbers. You can even use a special character password that you came up with like:

SchMarvin@X-Ind.com (Strength: 100) (unsafe as it is easily guessable but you get the idea)

Let your imagination run wild and come up with a random password that is just random numbers and alphabets to everyone, but has a meaning to you, like:

iCuRBsyBu7iML4zy (Strengh: 100, super safe) (well, it was before i posted it here!)

i C u R Bsy Bu7 i M L4zy
I see you are busy but i am lazy

Hope that helps :)

I have no problems with my passwords.
 
A lot of hosts block China... We've considered it, after a couple hackers, but just because we are kind hearted... Also, most hackers are from non-US countries... It may not be that Chinese people like to hack, but consider their population to the US.... People in Asian countries are usually more computer-literate than in the US. Just my thoughts
 
To add on to the population thing, you do have to consider that by doing this, you would be blocking 1/3 of the world from your servers...
 
I know for a fact there's a legit user on one of my services that comes from China.

He's just an ordinary student and comes to one of my sites to chat with people.

Not exactly fair play to ban an entire country because a few people don't play nice.
 
I agree with you. The main problem is how to sort them

I'm wondering if RDNS could be of use. Though it might not do much good, the legit user that I am familiar with doesn't have an RDNS on his IP either, and that would false-positive on a fair number of other ISPs as well.
 
Back
Top