with infrastructure the size of twitter you can also blackhole their whole IP range
Just one note, services the size of Twitter typically use cloud infrastructure so if you block that indiscriminately you risk blocking a lot of unrelated stuff.
Their load balancers are at least bound to have dedicated addresses, maybe IP range was a bit overzealous.
In any case it’s not going to be an issue of blocking port 80 on one IP and finding out that it serves five hundred semi-unrelated domains. Unrelated short of all using the same wordpress or whatnot hoster, that is.
short of all using the same wordpress or whatnot hoster, that is.
That’s the thing, that’s common practice. It’s basically a given nowadays for shared web hosting to use one IP for a few dozen websites, or for a service to leverage a load/geo-balancer with 20 IPs into a CDN serving static assets for thousands of domains.
Just one note, services the size of Twitter typically use cloud infrastructure so if you block that indiscriminately you risk blocking a lot of unrelated stuff.
Their load balancers are at least bound to have dedicated addresses, maybe IP range was a bit overzealous.
In any case it’s not going to be an issue of blocking port 80 on one IP and finding out that it serves five hundred semi-unrelated domains. Unrelated short of all using the same wordpress or whatnot hoster, that is.
That’s the thing, that’s common practice. It’s basically a given nowadays for shared web hosting to use one IP for a few dozen websites, or for a service to leverage a load/geo-balancer with 20 IPs into a CDN serving static assets for thousands of domains.