Quote:
Originally Posted by Webnauts
John Mu at Google said:
"Blocking all users outside of the US from being able to see your site would likely be considered cloaking and would be against our Webmaster Guidelines. Instead of blocking these users automatically, I would recommend that you add blocks based on the user's activity, not based on his location. "
And I think that is pretty fair.
|
I have no sites that only allow USA access, but regardless, I think John Mu is entirely incorrect. Sure, blocking based on user activity might be preferable, but it can be impossible for some webmasters. I manage a significant number of servers and networks. Malicious traffic from Russia, China, North Korea and a myriad of other locales can be highly disruptive to email servers, websites, intranets, etc. Is it more expedient for me to spend my time actively responding to the behavior of traffic that is 99.9% malicious or is my time better spent blocking the traffic entirely?
As an IT Manager I don't plan security and protection of sensitive data around the whims of Google, Yahoo, MSN or others. I have an obligation to the clients I support to keep their sites, servers and traffic as safe as possible.
Strong Security is multifaceted. When it calls for blocking a range of IPs or an entire country I will do so.
Is Google going to penalize you for relying on SBL, PBL, XBL lists to identify IP addresses and IP ranges of spammers? Are they going to penalize you for blocking known IP ranges of comment spammers, brute force attackers and email harvesters?
Prevention is the first line of defense. If my security becomes solely based on behavior instead of proactive prevention, I have failed.