问HN:你们会屏蔽DigitalOcean吗?
目前我至少将他们的一半子网列入了黑名单。他们似乎承载了大量的机器人流量、端口扫描以及其他一些不太令人愉快的活动。<p>这样做是错误的方式吗?这是一场无休止的打地鼠游戏吗?<p>顺便提一下,我从AWS、Azure和Google那里收到了相当可观的恶意流量,但我将这些服务提供商视为“太大而不能封锁”——我无法将他们的大部分IP空间列入黑名单,否则会破坏互联网。
查看原文
I have at least half their subnets blacklisted at this point. They seem to host a lot of bot traffic, port scans, and other generally unsavoury characters.<p>Is this the wrong approach? A losing battle of whack-a-mole?<p>FWIW I get a not-insignificant amount of malicious traffic from AWS, Azure, and Google but I view these providers as "too big to block" - I can't blacklist large swaths of their IP space without breaking the Internet.