• Kissaki@programming.dev
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    The point is it makes them identifiable. If you block anything not authenticatable, and everything that auths via *.google.com, you are effectively blocking everything from Google.

    If you fear they will evade to other domains, you’ll have to use an allow-list.

    • refalo@programming.dev
      link
      fedilink
      arrow-up
      1
      ·
      2 months ago

      Ok so effectively then this basically shifts the work from blocking IPs to blocking domains. It might slow down some smaller players, but I imagine anyone with a decent amount of money can afford an insane number of domains.