I have been trying to block many IP ranges, specifically the m247.net IP address range.
I have tried blocking AS9009 M247 Ltd and it blocks hardly any of the IP ranges. Maybe 1 out of 20?
So I then created a firewall rule with all of the IP ranges of m247, yet the IP addresses are still able to get through without any problem and access the website.
Here is the rule I have applied:
{ truncated }
(ip.src in {38.132.96.0/19 89.238.128.0/18 82.102.16.0/21 37.120.128.0/21 86.107.55.0/24 45.133.180.0/22})
=
JS Challenge
Yet, IPs like [38.132.97.163] still get through without any problem and are not receiving the JavaScript challenge. There is no cf_clearance cookie.
It appears these IP ranges are impossible to block / JavaScript challenge?
I have made sure through logs that they are not bypassing the Cloudflare system, and I check for the HTTP_CF_CONNECTING_IP header ONLY for Cloudflare IP ranges.
@email669
Step 1: Make sure other firewall rules/page rules do not conflict with each other. In my case I had a conflicting rule.
Step 2: Such an incident can happen when IP ranges are announced by 2 networks (2 ASNs).
see https://bgpview.io/ip/38.132.97.163
Try to block both ASNs and see if it still comes through. Hope it helps.
I am also having trouble with AS204644 and when trying to manually add IPs into firewall rules. This is www.code200.global and I have the rule 193.32.172.0/22 but IPs like 193.32.174.33 are still getting through without being served a JavaScript Challenge.
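
Added example (not part of any post in this thread, and not Cloudflare's own code): an offline check that the ranges written in a rule actually cover the addresses seen in the logs, so a miss can be traced to conflicting or earlier rules rather than to CIDR arithmetic. The function names are hypothetical, and the expressions contain only the ranges quoted in the posts above.

```python
import ipaddress
import re

# Rule expressions as quoted in the thread (the first list is truncated in the
# original post; only the visible ranges are used here).
RULE_M247 = ("(ip.src in {38.132.96.0/19 89.238.128.0/18 82.102.16.0/21 "
             "37.120.128.0/21 86.107.55.0/24 45.133.180.0/22})")
# Constructed from the single range named in the last post.
RULE_AS204644 = "(ip.src in {193.32.172.0/22})"


def parse_ip_set(expression):
    """Return the networks listed in an `ip.src in {...}` expression.

    strict=True rejects entries with host bits set (for example a mistyped
    193.32.174.0/22), which would otherwise hide a typo in the rule.
    """
    match = re.search(r"ip\.src\s+in\s+\{([^}]*)\}", expression)
    if match is None:
        raise ValueError("no `ip.src in {...}` set found in expression")
    return [ipaddress.ip_network(tok, strict=True)
            for tok in match.group(1).split()]


def matching_networks(ip, networks):
    """Return every network in the list that contains the given address."""
    addr = ipaddress.ip_address(ip)
    return [net for net in networks
            if net.version == addr.version and addr in net]


def report(ip, expression):
    """Summarise whether the rule's IP set covers the address."""
    hits = matching_networks(ip, parse_ip_set(expression))
    if hits:
        return f"{ip} is covered by {', '.join(map(str, hits))}"
    return f"{ip} is NOT covered by any listed range"


if __name__ == "__main__":
    print(report("38.132.97.163", RULE_M247))
    print(report("193.32.174.33", RULE_AS204644))
```

Both addresses from the posts fall inside the listed ranges, so the rule expressions themselves match; that points the investigation at step 1 of the reply (another firewall or page rule acting on the request first).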