Searched the web and unable to find a solution. I have an umbraco site using IIS to host on a Windows server. Any ideas on approach to block users accessing site outside the UK? Htaccess approach would be too slow.... thank you in advance!
That's quite hard to do accurately, as you could have someone based in the UK using a European network provider, which means that they might appear to come from say Holland instead of the UK. It's also possible for people to spoof their location fairly easily if they really want to get at your site.
As Lex Li mentions there are plenty of commercial databases and tools for looking up a user's location, but the accuracy of these varies considerably, not to mention the fact that some of them only support IPv4. Any of these options are going to be slow though, as you'll have to check on every request. You also have to make sure you keep the databases up to date.
Another option would be to proxy your site through something like CloudFront or CloudFlare which both support blocking traffic by country.
Related
I'm hoping to get some kind of idea if what I have in mind is even possible or if I'm looking in the wrong place.
Basically, my company provides a website which users are able to access online with credentials we sell and provide them. We have another potential customer who would like to access this website. Sadly this customer is very stuck in the past, and they don't allow their users any internet access at all.
For a number of reasons, I don't want them to host their own version of this website. However, I considered that we might configure a web proxy on their network (which is given internet access) which reverse forwards connections to our website. Is this even possible? And should it be attempted? Or are there better ways to achieve this?
Yes it's possible, you can install on their intranet a simple proxy script for example
https://github.com/Athlon1600/php-proxy-app
and modify the index.php and allow from there only a single host to your website.
I don't know what technology you can use on their Intranet network but virtually for every web language, such software is available.
Here is some discussion related to the "Access the sites blocked over the network" that is just for Gmail but it will definitely help you too:
https://superuser.com/questions/453825/how-to-bypass-web-url-filtering-service-to-access-blocked-websites-proxy
For bypassing the firewall and getting access to the blocked sites:
http://www.makeuseof.com/tag/how-to-get-into-blocked-websites-in-school-with-freeproxy/
Good afternoon,
Recently websense bot (or employee) scanned my website.
Let's start with that my website is dedicated to really small group of ppl, in specific country. And so before that i had regional filter which blocked them. I also heard that they dont really have good opinion (In the past, these policies have been criticized because it can block innocent websites or content protected by free speech). But im not sure if is that enough...
I wanted to rangeban their ips, the problem is i cant find any lists with it...
Am i safe with only regional blockade?
You can try searching ARIN or RIPE, but neither it nor regional blocking cant protect totaly. It can be bypassed by using proxy servers or vpn in your specific country.
If group is really small and your website is really confidential, try SSL client certificate authentication.
I'm developing a new website with membership. Do you think any of these has advantages or disadvantages? I thought today that a mobile version will be available and I was planning m.website.com for that but in "username.website.com" case, this won't work. On the other hand, I think website.com/username is ugly.
I need and also want to know your ideas about this.
Thanks.
From a management standpoint, username.website.com will surely be greater. You have to create a new DNS record for each user. In order to do that programatically, you are going to have to manage your DNS with a service that has a API. I am pretty sure registrars like GoDaddy do not have this. Amazon has something called Route 53 that might?
username.website.com will never work as domain names are propagated via DNS servers and through millions of network devices. Any change to the domain name takes time.
Usually, if you want to handle users you can do something like this: www.website.com/users/bob so mobile version will differ only by m. prefix.
It's a lot harder to make a script that sets up subdomains than it is to make a folder for a user.
If you have a mobile site, you could fix the m.username.domain.com by making it username.domain.com/m, if you really want the subdomain.
My half a cent.
I am working on a website i will like to know the number of people who has visited the website. Can someone tell me what to do?
Use google analytics: http://www.google.com/analytics/
I would give you a code to insert but to be honest the best option is to use something like Google Analytics. It gives you a very good analysis of your website visits and has many features that will take you a very long time to develop
Since you've tagged this with asp.net, I presume you're running on IIS. Make sure logging is enabled for the site you're working with and then you can determine from the log files how many users are coming to your site by IP addresses.
Since it wasn't yet mentioned here in years, let me add that AWStats is very different from Google Analytics, but may anyway be a good web server traffic analysis tool for network administrators.
I want to check a particular website from various locations. For example, I see a site example.com from the US and it works fine. The colleague in Europe says he cannot see the site (gets a dns eror).
Is there any way I can check that for my self instead of asking him every time?
This is a bit of self promotion, but I built a tool to do just this that you might find useful, called GeoPeeker.
It remotely accesses a site from servers spread around the world, renders the page with webkit and sends back an image. It will also report the IP address and DNS information of the site as it appears from that location.
There are no ads, and it's very stream-lined to serve this one purpose. It's still in development, and feedback is welcome. Here's hoping somebody besides myself finds it useful!
Sometimes a website doesn't work on my PC and I want to know if it's the website or a problem local to me(e.g. my ISP, my router, etc).
The simplest way to check a website and avoid using your local network resources(and thus avoid any problems caused by them) is using a web proxy such as Proxy.org.
Well, DNS should be the same worldwide, wouldn't it? Of course it can take up to a day or so until your new DNS record is propagated around the world. So either something is wrong on your colleague's end or the DNS record still takes some time...
I usually use online DNS lookup tools for that, e.g. http://network-tools.com/
It can check your HTTP header as well. Only a proxy located in Europe would be better.
Besides using multiple proxies or proxy-networks, you might want to try the planet-lab. (And probably there are other similar institutions around).
The social solution would be to post a question on some board that you are searching for volunteers that proxy your requests. (They only have to allow for one destination in their proxy config thus the danger of becoming spam-whores is relatively low.) You should prepare credentials that ensure your partners of the authenticity of the claim that the destination is indeed your computer.
DNS info is cached at many places. If you have a server in Europe you may want to try to proxy through it
It depends on wether the locatoin is detected by different DNS resolution from different locations, or by IP address that you are browsing from.
If its by DNS, you could just modify your hosts file to point at the server used in europe. Get your friend to ping the address, to see if its different from the one yours resolves to.
To browse from a different IP address:
You can rent a VPS server. You can use putty / SSH to act as a proxy. I use this from time to time to brows from the US using a VPS server I rent in the US.
Having an account on a remote host may or may not be enough. Sadly, my dreamhost account, even though I have ssh access, does not allow proxying.
The only thing that springs to mind for this is to use a proxy server based in Europe. Either have your colleague set one up [if possible] or find a free proxy. A quick Google search came up with http://www.anonymousinet.com/ as the top result.