On Mon, 2014-09-29 at 12:16 -0500, Les Mikesell wrote: > On Fri, Sep 26, 2014 at 10:38 PM, Always Learning <centos at u62.u22.net> wrote: > > > > If this inconvenience's an innocent web user, I have neither ability to > > detect the inconvenience nor to determine the user's innocence. I > > understand your hotel analogue. In England many hotel guests use their > > mobile phones or tablets - not on wifi but on direct radio (mobile > > telephone) links; each link having a distinctive IP address. > > > > If the web hacker is operating through a data centre, then I permanently > > block, for port 80, the whole of the data centre's known IP block. > > > > The alternative is to be a willing victim. > It's more a question of why you run the service at all. If blocking > people from reaching it doesn't bother you, why not just shut it down? Blocking people ? Data Centre bots that download all or parts of my web sites for someone's personal amusement or for commercial gain of their customers or simply to find email addresses to use for spamming, are not the 'people' I want to attract. Why should I tolerate some malicious nutter trying to hack into my web servers ? Better to block their IP after the first attempt. Why should I close everything because of a very small, but very active, group of pests ? Better to block the compromised IPs and the rent-an-IP-address-for-a-few-hours services whilst letting everything else continue normally. No logical reason to give spammers and hackers unrestricted access. Abuse my facilities and my systems will cut them off. Its a simple and effective policy. -- Regards, Paul. England, EU.