Service Modification

EDIT: I gave up. Blocking entire ASN took too much effort. WAF and Bot Management are better in that sense.

Because of how many people trying to use hosting services to scan random sites for known vulnerability, I’ve modified Cloudflare CDN IP access rules and blocklisted couple ASNs from accessing any websites under my Cloudflare personal account. If you are using a proxy whose IP falls under these ASNs, I’m sorry but it is what it is. There aren’t any people depending on my websites, so shouldn’t affect anything if it’s blocked on some hosting ASNs right?

In this process, I used some external lists:
1. https://paulmade.me/20-asn-to-block-in-2020-on-cloudflare-firewall/
2. https://github.com/brianhama/bad-asn-list/blob/master/bad-asn-list.csv
3. https://github.com/XMD0718/cloudflare-block-bad-bot-ruleset/blob/master/idcasnlist.rules
4. https://hostloc.com/forum.php?mod=redirect&goto=findpost&ptid=959912&pid=11844860

You can download the list of ASNs blocked here:

Blocking ASNs and other country level challenges only made it worse… So I incorporated several CloudFlare WAF lists:
1. https://github.com/SocolSRT/cloudflare-rules
2. https://github.com/SukkaW/cloudflare-block-bad-bot-ruleset

Overall, there are 4 rule slots. 3 Block, 1 Challenge (Only “Bad Reputation” is Challenge)
1. Block Malicious Actors – 1 (Aliyun Yundun & Bad Crawler)
2. Block Malicious Actors – 2 (Basic Crawler & Security Scanner & Exploiting Fix & Method Fix)
3. Block Bad Bots
4. Bad Reputation

Scroll to Top