IP Blacklist Increased FunctionalityPlanned
As it stands now, any blacklisting or whitelisting must be done manually, one-by-one for IPs (or IP ranges using CIDR notation). However, there are two functions that would greatly improve the functionality of this tool, especially for those of us with many IPs to enter/manage or those with preemptive security in mind:
- Allow for blocking/allowing by location. This could be continents, countries, etc. but would be one of the best tools for those of us who are trying to avoid having our bandwidth (which we pay for!) eaten up by IPs in locations we don't sell to/service. No need to have thousands of Russian bot IPs look at 2 pages of a site each just to leave immediately. The only way to do something similar is looking up the IP ranges for a specific location and blocking each one. This can get unreasonable quite quickly, with countries having tens of thousands of IP ranges assigned to them, which can change over time.
- In conjunction with the above point, or at least in substitution if the above point is not implemented, it would be a great help to add and remove entries to the list via export/import, much in the same way that already exists for customers, products, orders, etc. This is one of the only major lists on the platform without this functionality, and it would make managing the blacklist infinitely easier and much less prone to error. Imagine being able to instantly block or allow as many addresses as the import can handle, and being able to just as easily delete entries that shouldn't be there or edit entries en masse.
Hopefully, we can get this added as it could save countless hours of work and who-knows-how much money in bandwidth costs.
Absolutely agree with this request. Location based IP blocking as well as better rules for blocking scrapers is really needed.1
I haven't started blocking IPs yet because it seems so labor intensive, but we have a ton of unfortunate traffic from Indonesia because one product name resembles a porn site. It'd be helpful to be able to block locations easier than manually trying to do it for one of the most populous countries in the world.1
I frequently update the firewall because it cuts down on server load and reduces risk of hacks. I don't sell outside North America, so I don't hesitate to block HUGE ip ranges that fall entirely outside North America.
Either one of these proposed changes would help me tremendously, but since I am a bit of a control freak, if I can't have both, I would prefer the ability to import changes to the firewall.0
Please sign in to leave a comment.