继续讨论之前关于欧盟版权指令刚刚通过议会的话题:
欧盟版权指令及审查系统刚刚通过,情况相当糟糕。其全面影响尚不明确,但目前已知的主要问题包括:
论坛讨论中的一个常态是链接到其他网站并引用其文章以推进讨论。这一直被视为合理使用,除非用户发布整篇文章内容(这种情况也频繁发生,应予以管理)。
我的建议是为 Discourse 添加以下功能:
如果您经常收到来自某些地区的垃圾信息,而这些地区实际上不太可能有用户阅读您的论坛,那么这些功能无论在哪种情况下都可能很有用。
(我打算将我的论坛迁移到 Fastly 托管,届时我会在该层面处理此问题。仅提供反馈。)
As far as I was aware, any site over three years old is caught by this article of the Directive - not just popular sites.
Well that makes it much worse, I guess, if that’s the case. I know the exact details kept changing a little bit, and the member states can implement their own exact versions of the rules — which makes it worse, IMO, because every country there will have slightly different rules. How can anybody navigate that?
It’s been discussed but it is a complex thing to build, and we’d only build it for enterprise customers who absolutely required it.
There are one or two relatively minor related feature things Discourse would gain out of implementing this, but it’d be a lot of work, so the cost/benefit is not quite there outside enterprise.
@sam might have more to add. This is not currently on our roadmap, to be clear, because the enterprise customers who “needed” this suddenly decided they didn’t when we told them the cost 
With the availability of VPN services the user of geographic blocks doesn’t achieve anything. A user originating from Europe on a VPN still exposes you to the same risks. If any part of the traffic passes through europe, it can be considered as included.
Member countries have yet to turn the EU ruling into local laws, and if GDPR is anything to go by they’re free to interpret the EU wording to the limits of the language.
Just like GDPR this is a problem without an easily navigable solution.
Technically now that we ship the maxmind db out of the box, this kind of feature would only take a few weeks to build.
Caveats being:
NGINX would not do any blocking so “anon requests” would unconditionally have to be funneled through the app which would cause perf issues.
CDN support would be tricky, most CDNs out there don’t support a mechanism for this so it is likely you would not be able to use most CDNs.
I don’t see us building this though cause it goes against a lot of our principles. Closet feature I can see us building is “self service, best effort strong IP block” (aka. if your IP matches list then application will return an access denied prior to walking through all the app code) cause this can allow all sorts of forums to protect themselves a bit better against abuse beyond the rate limiting we ship.
If you really really deem that you need this, why not drive all your traffic via cloudfront and have it do it for you?
To be clear though, it’s not just about blocking visitors, it’s about sites embedding re-using or embedding content from EU entities.
That’s why the YouTube geoblock is useless, rights holders could still identify their content being shared with other audiences worldwide.
@Stephen totally understood, from reading:
My guess is that @geek is simply saying, “I don’t want to think about this problem, I am worried Europe are going to put me out of business, can I have this feature please”
I think there is a lot of uncertainty when new laws pass, some of us are a lot more risk averse than others
The last thing I want is for this topic to devolve into one of those GDPR scare topics. Where 1 side is saying “Don’t worry be happy” and the other side is saying “The sky is falling”.
Happy to talk about what Discourse can technically do and what we have in our roadmap.
Warning though for all the readers here, cause we are just in post 7 and this my spidey sense is tingling real bad. 
Lets stay laser focused on discussing:
“Ability to Block Discourse Access from Geographic Regions or Countries”
The only thing I’m saying is that an option to block the entire forum at a country level would be nice. That would neatly solve the issue entirely for anybody that doesn’t want to navigate the legal issues. If you don’t operate in a country you aren’t subject to its laws.
I don’t actually need this personally, as I mentioned in my original post.
Was just giving feedback.
Yep, I get that, but as I said geo-blocking EU users doesn’t achieve that.
Don’t believe this is correct.
First, it’s not a tax, so let’s drop the fear-mongering ‘spin’.
The data in the open graph tags is much more than a couple of words. Given its purpose, despite not being a lawyer (@angus), my hunch is that there exists an implicit licence to use this data as previewing remotely is exactly what it’s meant for. If they didn’t want you to use this text, why include it in their open graph tags? We might need this tested in court to confirm, though why someone would bring a case against you for linking to their site using their link data is anyone’s guess!
I suspect therefore oneboxing will continue to not require an explicit licence.
I will certainly continue to do so without any fear of repercussions.
I appreciate quoting from arbitrary points in the main text is going to be a bit more tricky.
If you dig through the legalese they’re mostly concerned with lifting enough of an excerpt to negate the need to click through to the article.
Opengraph is neither the problem nor the solution. As previous EU decisions it will be down to individual member states as to how this manifests into enforceable laws.
But yes that’s the crux of it, they’re concerned with publisher to publisher, not audience.
And that is at their discretion because they determine the link excerpt.
All blown out of proportion!!
Easy:
The only thing you lose is the ability to see the real IP of users if you are using a reverse proxy + cloudflare, but that can probably be fixed too if you really care about it.
Maybe there are other CDN’s that can do it, but with a free CDN like Cloudflare that can serve the needs of like 90% of the websites for free I don’t see a reason to look for another one.
Does someone really believe, that blocking will solve anything?
It’s a regulatory / compliance question, that will be addressed sooner or later by legislation due international free trade and copyright agreements.
In my opinion, we need to talk about risk management and watch dog processes instead of over-blocking and the chilling effects.
感谢那些将本话题带偏成政治争论的朋友,不过不必了。
目前是否有基于 geoip 数据库的技术实现(如插件),可用于屏蔽对 Discourse 的访问?
不,没有。这是个糟糕的主意,人们很少会花时间去做那些事。
如果这件事对你真的很重要,你就需要在申请前采取一些行动。
您最好的选择可能是 Cloudflare。如果选择 Cloudflare,您需要完成一系列操作,以确保其加速服务不会破坏 Discourse。关于这一点,已有不少相关主题可供参考。
为什么不在 iptables 中使用 geoip 阻止规则?
要轻松实现此目的,无需维护或 cron:GitHub - friendly-bits/geoip-shell: User-friendly and versatile geoblocker for Linux
现在有了这个:地理封锁插件