ASN Header


I’m currently getting visitors autonomous system numbers by doing a lookup when they connect to the socket. However, because I have some ASNs blocked in CF it must be the case that CF’s system is already doing this lookup ?

Is it not possible to pass that lookup result to the headers (similar to HTTP_CF_IPCOUNTRY) and save on resources.



CloudFlare’s systems can block complete network ranges just by adding the AS to block access to you content.

Not sure if I got it right:
You want CloudFlare to provide you with the ASN’s? For what reason? (technical background) :thinking: Help me, please :see_no_evil:

I mean, either you block specific ranges, or allow access. If you block it, the request will never reach your servers. I guess CloudFlare will not provide the result to you.


Why would you guess that they wouldn’t ?

I mean you can block by country code too, but they still provide the HTTP_CF_IPCOUNTRY.

The reason I do the lookup myself is because I may not want to challenge or block the ASN, but I still want to know if the ASN is in my own list of VPN, Cloud hosting, or even residential ISP networks, should I decide to allow different functionality or restrictions to those that are either whitelisted or blacklisted (or let us say greylisted).


No special reason. Just a “feeling” :slight_smile:

Now it makes sense to me. First I thought you mean the ASN of blocked requests
note to myself: stupid :joy:

I for myself do this locally, but for Spam Assassin.


I actually feel that they may not too :slight_smile: … but more so because it’s seems like a custom request that might not be widely used (unlike the country code).

Worst case is that I just carry on as I am, but in the interest of efficiency, it would be nice.


This is available to our enterprise customers, the same could probably be accomplished using Cloudflare workers which is a feature currently in beta.


Enterprise definitely isn’t an option for this specific (non-revenue) site, but out of interest is there a page/link with detailed lists of extras for different packages that I can view ?

I’ve read the compare features/plans page but I couldn’t see anything about headers and such.

I was going to make another product request, but now I’m reluctant to because it may just exist on another plan.


Please feel free to make any product requests you think of. Sometimes the feature differentiation between plans is uh… not rational… so there is always the possibility that feedback could change the mix on plan types.

There are a number of differences between our enterprise plan vs. other plans. Some of them are subtle, some obscure and some seemingly random. The most common ones I tend to discuss when working with my enterprise customers and partners are host header overrides and resolve overrides using page rules. Also, access to our enterprise log share (ELS) for detailed logging on requests.

The others can be more subtle and variable, such as increases in http timeouts, max file size uploads and maximum file size we will cache. Or custom code running on our edge to do something like sending the ASN in a header.

Sorry I couldn’t give you a cleaner answer, but please give us feature suggestions and use cases. I have sent links to a number of such requests to our product teams and developers to chew on since the forum launched.