Blocking other countries’ IP addresses to prevent hacking attacks from overseas has a few downsides:

a) You will block a lot of legitimate traffic – Armed forces overseas, IPs that are false positives etc.
b) IP addresses can be spoofed to look like they are coming from the U.S.
c) Working, valid US IP addresses can acquired by hackers.

Summary

Instead of blocking entire countries, provide redundant layers of security within and around your application. Web Application Firewalls (WAFs) are becoming increasingly popular. For a detailed discussion on what WAFs provide and the different offerings, you can review this earlier post.

Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.

Initial Consultation

Anuj Varma – who has written posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.

 Twitter Linkedin