|
|
Posted by Jukka K. Korpela on 09/23/06 11:35
Alan J. Flavell wrote:
>> I did a search and found myself here
>> <http://software77.net/cgi-bin/ip-country/geo-ip.pl> but I also
>> notice these
>>
>> <http://www.ip2location.com/> (which can pinpoint beyond country,
>> down to city)
>
> Well yes - in favourable cases. But there are enough cases where it
> won't do what was wanted, to make it impractical for real use. It says
> I'm located in London, which is wrong. I'd say giving a wrong answer
> is worse than admitting that the information simply isn't available.
The former of the services tells about 147.243.3.83 for example: "Country
Not Found".
Actually their FAQ warns about problems with multinational organizations.
That's more reasonable than giving wrong information, but it also raises the
question what should be done in that case, assuming that someone is forcing
you to prevent access from a particular country.
>> I want to deny access to a particular page for all visitors coming
>> from a particular country. Visitors from all other countries can
>> have access. It's a question of complying with a court order
>> granting suppression of information to a particular country.
>
> That might be different! Presumably now it's not so much a question
> of actually working (in the technical sense), but of doing whatever
> the court says you have to do.
I'm afraid the court order is very vague. Lawyers tend understand IT issues
even much less than IE people understand legal issues.
Anyway, denying access by the country of the _visitor_ is quite different
from denying access by the country of the _computer_. I'm pretty sure the
court didn't understand that.
What might help the OP avoid prison and bankruptcy is a _reasonable effort_
to do what the court might be guessed to have meant. (I'm not saying "best
effort", since nobody could afford best effort in a case like this.) Using
the IP to country mapping services and treating unknown country as one that
needs to be exluded might do that, when combined with .htaccess access
control by IP address. For the technicalities, the server documentation
would need to be consulted, which probably means something like
http://httpd.apache.org/docs/1.3/howto/auth.html
That means you would use deny directives, instead of trying any redirection.
You would "want" to exclude, not to send visitors to a particular page. The
denial could be accompanied with an error message (using the ErrorDocument
directive), i.e. a document that explains the situation to people who try to
access the page but are banned according to their IP. This would be in
accordance with the spirit of Internet protocols, but it could be construed
as a way of telling banned people how to avoid the banning, since to be
informative at all, you would need to reveal something about the banning
criteria. And as long as a prospective user knows that the IP is the
problem, he can circumvent the banning rather easily (though most people
would have to ask a friend to help there).
This will cost money and time, and it will exclude visitors that are not
from the country to be excluded. If my survival depended on a business where
such things need to be done, I'd try and find some other way to earn my
living. Such a court order indicates both lack of understanding how the
Internet works and willingness to control communication in a manner in which
it cannot be controlled, so who knows what they'll throw at you next week?
--
Jukka K. Korpela ("Yucca")
http://www.cs.tut.fi/~jkorpela/
Navigation:
[Reply to this message]
|