[philipwhiuk]

> As someone who also sees this kind of messages fairly often, I always wondered about companies/individuals who voluntarily (not being forced by law, that's another story) block their users by IPs coming from bad countries...

As a service owner currently looking at adding widescale blocks based on location... it's not a global business, so the downside of blocking an entire country is functionally zero and the upside of easily removing a tonne of compromised machines from the 'can try to DDoS us' pool is noticeable.

[behnamoh]

If someone from Iran wants to do DDoS attacks they probably know enough to change their own IP to somewhere else so your blocking Iranian IPs is basically futile.

[kelnos]

The blanket actions you can take to reduce your attack surface will often work to stamp out low/mid effort attacks, but the more sophisticated attackers who really want to specifically target you will take the time to get around these simpler countermeasures. That doesn't make those countermeasures useless, though.