GeoDosch

Tony, I saw your update to the ticket, and that it was my fault because at some point I had blocked that subnet from my site. Thanks for finding that so quickly (now I feel like an idiot LOL.) I'll need to review my deny list, and probably create a custom 403 page so I don't fool myself again. I appreciate the fast response, and as always the outstanding service!

I reproduced the problem just now, so I've opened a new ticket: VFP-933-15524 Thanks, -George

Tony, A couple of years ago I opened ticket VAE-864-18071 for this exact issue, and this was the response I received: "It seems the IP of your VPN is either blacklisted or blocked on our servers firewall. If there are any particular IPs for your VPN, kindly let us know so that we can have a detailed look into it. If the IP is temporarily blocked on our server's firewall, it will show a captcha so you could still visit the site. It seems the VPN's IP is permanently blocked on our server's firewall." Based on that response it seems there are two classes of IPs being blocked: temporary and blacklisted. Apparently many of the NordVPN nodes fall into the latter category. So is there a reason the 'blacklisted' IPs couldn't also be given a Captcha challenge? Since the IP of the VPN is very fluid, trying to get each one opened individually as the 403 errors occur doesn't seem like a good solution. Thank you, -George

I use NordVPN for my Internet access (to prevent my ISP from collecting marketing information from my browsing.) But many of the NordVPN nodes are blocked by Hawk Host, which prevents me from accessing my own domain. I can understand that bad actors are using VPNs to hide their activity, and I'm glad that Hawk Host is blocking them. But instead of just throwing a 403 Forbidden error, I would like it to perform a Captcha challenge to prove they are not a BOT. With the current set-up I must randomly try different VPN nodes until I find one that isn't blacklisted. I often have to switch to a node in Canada to not be blocked. Many sites do exactly this: instead of completely blocking the user completely, they can complete a Captcha challenge, then continue to the site (aetna.com is a good example of that.) The current set-up is frustrating for me, and I have no idea how many users are blocked from access to my site and don't realize why. I would also ask in advance that, if this is implemented, to please not use the cheesy captcha that is used for signing-up to this forum. It's not only overly tedious, but I had to try from several different browser before I could get past that screen. Google provides some excellent options, some of which base the challenge difficulty on the source IP reputation, and they don't charge for commercial use (I use one on my site.)