At work we got a login attack via VPN IPs and we blocked VPNs from login in via AWS WAF and 2 days later a major user was complaining that he cant login. We had to remove the rule. (developers were working on captcha in the meantime)
I also used a tunnel when Spotify was not available globally. It did not create any issues.
Using a Public VPN is double edged sword. If you really need it its better to setup a wireguard tunnel to a own server as the the Public VPN IPs as monitored by the security companies and also get abused all the time.
The reason OP flipped between VPN exit locations in the first places has been because they wanted a VPN against the local ISP (public wifi, apparently) manipulating/sniffing traffic, without the latency penalty of going from France to the UK or vice-versa. That said, a vps in Amsterdam is quite practical from both locations, especially if mildly-congested wifi is already involved.
> Can't you do a captcha with the WAF? I'm pretty sure that's an option on AWS
You can.
I know because our information security office did it to all of our web endpoints. Which are mostly API endpoints. Without telling anyone involved with individual apps, before or even, until specific complaints got to them, after doing it.
I feel your pain. It's stuff like that that just makes you know, they not only have no idea what they're doing, the level of agency and access they have mean it's just a question of when they finally accidentally something big on fire one day - and whether you'll be able to make it out unscathed with eg just some lost sleep.
I also used a tunnel when Spotify was not available globally. It did not create any issues.
Using a Public VPN is double edged sword. If you really need it its better to setup a wireguard tunnel to a own server as the the Public VPN IPs as monitored by the security companies and also get abused all the time.