• njordomir@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      13
      ·
      1 year ago

      Originally, I was just planning on being mildly infuriated, but thank you for the in-depth explanation. Networking is my weakest nerd-stat and its truly interesting. I’ll try a few other servers and see if they are blocked. My VPN provider is known for privacy, so it wouldn’t surprise me if someone is doing sketchy things on there. Then again, it’s only a mild annoyance and an irony since Consumer Reports have reviewed the same provider I have been using.

      • JDubbleu@programming.dev
        link
        fedilink
        English
        arrow-up
        10
        ·
        edit-2
        1 year ago

        It’s ironic but makes complete sense if we’re assuming they blocked the VPN server IP.

        Say I’m a malicious user who’s using VPN server #22 from ProtonVPN (my personal favorite provider). The victim (CR in this case) isn’t going to see they’re being attacked by someone on VPN server #22 from ProtonVPN, they’re going to see the IP of that server and nothing else.

        It really doesn’t matter if they did have that information because no human will be involved. The traffic will be marked as malicious and blocked by some software designed to monitor, identify, and block traffic that looks malicious. This is almost always done based on IP. It’s usually reversed in a few days though because IP addresses change frequently, so there’s no sense in continuing to block traffic from an IP you can’t guarantee belongs to the original attacker.

    • asdfasdfasdf@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Couldn’t there be some alternative like having VPNs provide a standardized API for websites to report bots from using anonymized data take from the HTTP requests? Then the VPN can block the user after reviewing the usage data they have.

      • Redeven@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        That would require the VPN service to keep track of users’ usage and be able to match traffic to user, which most (or most of the big ones at least) very specifically, very on purpose, explicitly say they don’t do, which would be really bad for them if it turned out to be false.