my own site for my very small business gets about 10 legit visitors a week, none of which have ever connected via a known vpn address (dating back some 15 years). another 100 page views a week on average from legit bots (msn, google, etc).
the rest (and well over 95% of overall traffic) is bots, scrapers, and hackers, many of which use addresses linked to vpn services and pound the sites on the server looking for exploitable scripts (wordpress related, usually; which we’ve never run here), login and contact forms. if i could simply ‘flip a switch’ and redirect all vpn traffic to a separate landing page, i would seriously consider doing so. it wouldn’t affect site availability to our legit users and our target audience. but for now, mod_security is doing a stellar job and is the mvp.
Not to mention sites blacklisting VPN IPs
Try making an account without any of the 3 “approved” email addresses ᕕ( ᐛ )ᕗ
“you’re using a sub domain, get out of here you terrorist!”
my own site for my very small business gets about 10 legit visitors a week, none of which have ever connected via a known vpn address (dating back some 15 years). another 100 page views a week on average from legit bots (msn, google, etc).
the rest (and well over 95% of overall traffic) is bots, scrapers, and hackers, many of which use addresses linked to vpn services and pound the sites on the server looking for exploitable scripts (wordpress related, usually; which we’ve never run here), login and contact forms. if i could simply ‘flip a switch’ and redirect all vpn traffic to a separate landing page, i would seriously consider doing so. it wouldn’t affect site availability to our legit users and our target audience. but for now, mod_security is doing a stellar job and is the mvp.