Ask HN: Why is HN blocking Mullvad?

40 points by tomxor ↗ HN
Today I was presented with a blank HTTP 403 when trying to access the HN login page, but only on Mullvad.

Has HN added new blocking mechanisms, if so why, and how do they work... and more generally, why is blocking VPN IPs becoming more common?

The standard excuse I've heard before is "VPNs are a larger source of abuse". I take issue with this reasoning in that firstly: it lacks a denominator, VPNs are a larger source of traffic in general, abuse should be considered as a ratio. Secondly, VPNs are a known highly NATed collection of IPs, so lots of legitimate users will be thrown under the bus in the same stroke.

These arguments usually fall on deaf ears with most site owners who do not care about user discrimination, and will reach for the easiest blunt tool rather than make their service more fundamentally resilient. I expected more from HN though.

23 comments

[ 3.2 ms ] story [ 53.0 ms ] thread
> These arguments usually fall on deaf ears with most site owners who do not care about user discrimination, and will reach for the easiest blunt tool rather than make their service more fundamentally resilient.

Have you contacted hn@ycombinator.com because Dang is very responsive and helpful, despite it being a very demanding job running HN. Dang should be praised rather than criticized for the wonderful job he does.

[flagged]
You mean imagine being a decent supportive human being? I’m honestly sorry for whatever life experiences led you to this point.
I'm at the bar RN.

Despite it's their work I say thanks eveeytime I'm being served a drink.

I'm not criticising anyone in particular, but I thought HN might be more open to a discussion about it. I would be interested in what mechanisms HN has chosen for blocking and why @dang if you know?
@dang doesn’t do anything to notify or ping dang here. Emailing him as above is the only way to get his attention with certainty.
> praised rather than criticized

It's fine (and arguably good) to do both.

If you ever find yourself in a job serving the public, you will find it is 99.9% criticism. It's not good to be critical. If you really have to, give helpful suggestions. Don't say, as the OP did, "I expect better".
> I take issue with this reasoning in that firstly: it lacks a denominator, VPNs are a larger source of traffic in general, abuse should be considered as a ratio.

Why do you assume they don't do this and that VPN traffic doesn't have a much higher rate of abuse? Having significant legitimate traffic and a much higher rate of abusive traffic are not mutually exclusive.

As I said this is "the standard excuse I've heard before", I have no information from HN yet so I'm just highlighting the usual reason and it's flaws up front.
Did you try another mullvad server? Or geolocation??
After digging through enough servers I eventually found some that worked, severs are being blocked in the UK.

[edit]

I've gone through all the UK wireguard servers and these ones are blocked:

  gb14-wireguard 185.195.232.69
  gb33-wireguard 185.248.85.3
  gb35-wireguard 185.248.85.33
  gb4-wireguard  141.98.252.130
  gb5-wireguard  141.98.252.222
To be fair that's only 5 out of 33, I somehow got really unlucky in my first 4 tries and hit 4 blocked ones.
Presently on gb14-wireguard but IP 185.195.232.163.

I have been getting A LOT of CAPTCHAs recently though.

I've been using HN on Mullvad for a while and never experienced any issues. It could be only some servers. Most places that ban VPNs usually don't recognize it as a VPN; the bad actors tend to use free ones.
Same here I've used them for many years, but here I am being blocked, so it can happen.

I've listed the banned servers in another response.

Did you try sending an email to the address in the faq?
HN isn't blocking Mullvad. Nor have we added any blocking mechanisms recently, unless you count some code I wrote to catch a weird and slightly tricky new spam ring.

I'd be happy to help you, but for that you should follow the site guidelines and ask us at hn@ycombinator.com instead of jumping to conclusions and posting riler-upper threads.

https://news.ycombinator.com/newsguidelines.html

Thanks, I'll do that in future.

> instead of jumping to conclusions and posting riler-upper threads.

Sorry that was not my intention, I wanted to open up a more general discussion beyond hacker news because blocking seems to be becoming more common. It was a mistake to combining these two.

Thanks! Sorry from my side too, for getting a bit irritated there.