2011-05-13 10 views
9

How can I block requests from China in my app?

I have an API that is somewhat popular (more than 10,000 requests per day). After 10 requests per day from an IP address, I return a message telling the user that they need to pay some cash if they want to use the service more.

This morning, I found my web service running terribly slowly. I checked the database and I was getting completely spammed with requests from IP addresses originating in China. They would use an IP address 10 times and then increment the last octet. Sad times.

I'd like to throttle or completely cut off requests from China, for the sake of keeping the system alive. What is the best way to do this? Geolookup every request and ban by country code in PHP? This seems like an inefficient way. There isn't anything I can do at the htaccess level, is there?

+5

Don't do it at the .htaccess level. At that point, the connection is already made and soaking up server resources, even if it is only rejected immediately. Block access at the firewall.

+1

Maybe you could just do a quick check of whether the IP is in a Chinese block? http://www.nirsoft.net/countryip/cn.html

+1

Supposedly this is a list of Chinese IP ranges: http://www.wizcrafts.net/chinese-blocklist.html I have no idea how legitimate it is, but stuffing those into your firewall in a block rule would theoretically fix the worst of your spam problem.

Answer

10

Just block the whole range of Chinese IP addresses in .htaccess.

+0

What is the source of this list? What if it changes frequently? – webbiedave

+1

I'm not sure; I think I searched Google for China IP blocks, and it came with a list for Korea, Russia and India too.

5

They may be using Chinese IP addresses now, but ban one country and eventually another country will be the problem. Mainly because the country has nothing to do with it; the user is the problem. Instead of banning IP ranges, you should detect the IP addresses that go up by one octet each time they outlive a free trial.

4

Block the abuser's whole subnet to solve the problem temporarily. These kinds of users will show up in other countries too, so the best option is to require registration and an API key to use the API.

If you still want to block based on IP rather than API key, check the size of the abusing subnet using whois (or BGP) and block the whole IP range.
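
The last two answers suggest detecting the octet-hopping pattern and blocking the abuser's whole subnet. The following is an added example, not code from any poster, that does both inside the quota check: it keeps the question's 10-requests-per-IP limit and flags a subnet once several of its addresses have each used up that limit. The threshold `MAX_EXHAUSTED`, the /24 and /48 aggregation sizes, and the class and function names are assumptions.

```python
import ipaddress
from collections import defaultdict

FREE_QUOTA = 10     # free requests per IP per day (figure from the question)
MAX_EXHAUSTED = 3   # assumed: IPs per subnet that may use up the quota before blocking
V4_PREFIX, V6_PREFIX = 24, 48   # assumed aggregation sizes; whois/BGP gives the real range


class SubnetQuota:
    """Per-IP daily quota plus a per-subnet check that catches octet hopping."""

    def __init__(self):
        self.per_ip = defaultdict(int)      # address -> requests seen today
        self.exhausted = defaultdict(set)   # subnet -> addresses that used up the quota
        self.blocked = set()                # subnets to hand to the firewall

    def allow(self, ip_text):
        ip = ipaddress.ip_address(ip_text)
        prefix = V4_PREFIX if ip.version == 4 else V6_PREFIX
        subnet = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        if subnet in self.blocked:
            return False
        self.per_ip[ip] += 1
        if self.per_ip[ip] > FREE_QUOTA:
            return False                    # ordinary over-quota client
        if self.per_ip[ip] == FREE_QUOTA:
            self.exhausted[subnet].add(ip)
            if len(self.exhausted[subnet]) >= MAX_EXHAUSTED:
                self.blocked.add(subnet)    # several neighbours all hit the cap
        return True

    def blocked_subnets(self):
        return sorted(str(net) for net in self.blocked)


def replay(requests):
    """Feed a list of client addresses through the limiter; return (served, blocked)."""
    quota = SubnetQuota()
    served = sum(1 for ip in requests if quota.allow(ip))
    return served, quota.blocked_subnets()


# Constructed traffic (documentation ranges): one client hops through .1 to .5,
# spending the quota on each; two unrelated clients share another /24.
SAMPLE = [f"203.0.113.{octet}" for octet in range(1, 6) for _ in range(FREE_QUOTA)]
SAMPLE += ["198.51.100.7"] * 3 + ["198.51.100.8"] * 12

if __name__ == "__main__":
    print(replay(SAMPLE))
```

The subnets returned by `blocked_subnets()` are the candidates to push into a firewall rule, as the first comment recommends, so that later connections never reach PHP.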
