ASN Type conditional rules for WAF

Hello,

I want to know if it’s possible to add a “ASN Type” conditional rules for the WAF.
I mean
ASN type = hosting (OVH, Gandy, DigitalOcean, …)
ASN type = isp
ASN type = university
like we have for IP TOR.

Because for me, 99% of the requests from an ASN hosting is bad.
ok it can be a person that have a pihole/VPN hosted but most of the time, it’s a bad bot or other bad stuff.

So if i can get a rule to block hoser ASN that could be very nice !

I would expect this feature to be delivered as a Managed IP List. The first such list was ‘Cloudflare Open Proxies’, which was released last week.

While there are many ASNs that only contain servers and generate nothing but abuse for my own sites, I know hosting providers that also operate consumer and business ISP divisions within the same ASN. So it would be safer to have a managed list of IP addresses that essentially contains no eyeballs, and can be safely blocked or challenged. Blocking the entire ASN can have unintended side effects. (And I for one block several very large hosting providers by their ASN)

2 Likes

Blockquote , I know hosting providers that also operate consumer and business ISP divisions within the same ASN

Do you have any examples ?
Just to to see how it looks in ipinfo.io

I know you can get these information from IP2Location database. Not sure if CF has similar information.

ASN type = hosting (OVH, Gandy, DigitalOcean, …)
ASN type = isp
ASN type = university
like we have for IP TOR.

At my Country, the ISP provider for home DLS/Fiber/Phone/SateliteTV, while also offering VPS servers and business ICT solutions (under the same ASN):

This one too (already operates VoIP and other stuff of connection for business as well), in close future will have a datacenter too (under the same ASN):

1 Like

humm ok… thanks fritexvz !
not easy.
Anyway, it is boring to get a WAF with tens ASN to block hoster.