Open amcgregor opened 3 years ago
bin
folder) utilizing relative imports, which fail.More comprehensive projects and alternative hosted APIs:
As a result of the Pentagon freeing 6% of the IPv4 space to a private company, ostensibly for security reasons, this or another WAF heuristic should be updated/written to examine IP block owner locations, as well.
Additional note: hesitation eliminated. This can be useful for enforcing sanctions.
Ongoing Russian shenanigans against the US government and private sector targets has resolved the concern I had in developing a
WAFHeuristic
implementation utilizing GeoIP to preemptively ban specific countries of origin. If you have no clients in that country, your target demographic isn't there, or you do not provide services in a language from regions which are threat-heavy, they don't need to talk to your application. There is little to no benefit in permitting access, and potentially substantial risk.Example WAF heuristic instantiation to cover current trends:
This additionally allows for developers writing applications to take specific action as their situation demands.
Minor note about China: The current behavior of the "Great Firewall" is to block (in an interesting way) traffic utilizing modern TLS ESNI. By actively utilizing modern TLS/SSL, configured securely, you will be inaccessible (to the public) within geography impacted by that "firewall".
To assist in testing: https://www.uptimia.com/website-availability-test