Geo IP Blocking
239 views
Skip to first unread message
fc99...@gmail.com
Aug 29, 2023, 1:08:27 PM8/29/23
to Diladele Web Safety
Hello everyone,
I have a question about Geo IP Blocking. This somehow seems to work for me.
For example, certain websites are blocked if I set the country code "NL". Others, however, not e.g. (NOS.NL). This website is simply loaded without the blocking message then appearing.
Is the problem on my side or rather that I still have to configure something on the proxy. In the Admin Guide I have carried out exactly this step and also looked, for example, that the DB has been downloaded to the proxy.
I have a question about Geo IP Blocking. This somehow seems to work for me.
For example, certain websites are blocked if I set the country code "NL". Others, however, not e.g. (NOS.NL). This website is simply loaded without the blocking message then appearing.
Is the problem on my side or rather that I still have to configure something on the proxy. In the Admin Guide I have carried out exactly this step and also looked, for example, that the DB has been downloaded to the proxy.
rafael....@diladele.com
Aug 30, 2023, 3:20:50 AM8/30/23
to Diladele Web Safety
Good morning, fc99,
The GeoIP blocking works like the following:
- the proxy gets a request to connect to nos.nl site
- the proxy does the DNS resolve of that name and gets a list of IP addresses
- proxy gets the first address and sends the domain name with that address to the web filter
- web filter looks into the geoip database on /opt/websafety/var/spool/geoip (linux) or c:\programdata\webproxy\var\spool\geoip and tries to lookup the country code of that IP
- if it is NL then it is blocked.
So:
- it might be the nos.nl hosts its site in cloud flare/azure - which gets identified by the owner and get assigned the US label for example
- or the actual IP address of the nos server is indeed in the other zone (like in US of you are travelling).
- and the geoip also needs to be updated periodically (this is done automatically if you provided the api token in the Admin UI).
In general the geoip blocking is just another layer of filtering not a complete always correct working one magic tool.
Hope it clarifies things.
Best regards,
Rafael
fc99...@gmail.com
Aug 30, 2023, 10:07:22 AM8/30/23
to Diladele Web Safety
Hello Rafael,
I noticed that it doesn't go with the domain name but does a lookup where the server is currently located, I noticed that on other websites. e.g. where a .DE site has the provider or hosting server in France. Because I thought geoblocking was based on the domain name, but that's how it is. I checked where nos.nl is hosted, an IP is e.g. in Switzerland so it is clear why the geoblock didn't start thanks for the explanation so it becomes clear why something works and other things don't.
Now I have one more question, if you do geoblocking for NL, for example, is it possible to whitelist certain websites that you want to exclude from it or is that not possible?
I installed the latest version of the proxy but unfortunately I couldn't find any functionality.
Rafael Akchurin
Aug 31, 2023, 2:39:28 AM8/31/23
to web-s...@googlegroups.com
GeoIP blocking is done as part of the web filter module – so to skip geoip for some sites – you would need to add that site to exclusions (either global or per policy as needed).
Best regards,
Rafael
--
You received this message because you are subscribed to a topic in the Google Groups "Diladele Web Safety" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/web-safety/UsFBUABDTZ0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
web-safety+...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/web-safety/f1ccaafe-9da2-485b-8b46-a8f72c408ad0n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages