Attempting to use Custom Rule to block Bytedance fails

Hoping someone can enlighten me.

Every day my website is scraped by the same IP address with ASNUM 396986 - and IP address in the subnet They appear to be a bot trying to scrape my content.

I’ve tried adding a custom rule to block the ASNUM, and I’ve added a source IP address of to custom rules. I’ve tried adding the same to the IP Access rules. None of it works - the address still gets through to my site.

Other custom rules get blocked by ASNUM and/or IP Access rules (I use fail2ban to protect wp-login.php and xmlrpc.php).

Can anyone shed any light on what I’m doing wrong, or does CF have a global accept policy for Bytedance (i.e. TikTok).


Have you firewalled direct access to your host?

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.