What is the Geographical blocking?

Ordinarily, Syspeace remember a login attempt and allows more attempts until they trigger the detector rules.

(The detector rules are based on pattern of login attempts. Patterns that are customizable by the Syspeace user. They may allow some leeway for mistakes like mistyped, misremembered, or expired passwords by legitimate users.)

The geographical blocking of  Syspeace 3.0, however, let you set up Country rules, describing which countries that you do not want to allow access to and Syspeace will take action after any failed login attempt.

If you block Sweden – people logging in from Sweden gets less leniency

As an example, if you set up a Country rule to block Sweden, it does not mean that all of Sweden is blocked from the start. This is not a blacklist. But with Geographical blocking, the people logging in from Sweden gets less leniency.

If someone from Sweden make a login attempt that Syspeace identify as something that might be blocked later based on the detector rules – the geographical block gets into effect, and block the IP address immediately

By placing a country in a Country rule, you are saying that there are no legitimate users and no legitimate traffic expected from this country, and you give Syspeace instructions to act immediately.

Not a blacklist – because some traffic might be legitimate

By not making it a blacklist, it allows other forms of traffic than those Syspeace detects to be illegitimate.

If you have a web shop with a few pesky attackers that happen to be from Sweden, you probably do not want to blacklist all of Sweden. Because then you would lose your
Swedish customers.

The Geographical blocking will therefore not put you in a situation where you must choose between allowing or blocking all traffic from a whole country.

If you literally block Sweden, the country where we are based and our own backend and license servers are hosted, you will still be able to access our license web site and talk to our backend, because we will not do anything to trigger a login attempt on your server, and we will not have to maintain some secret master whitelist of IP addresses to avoid cutting off our own check-for-updates functionality in the process.

top