I am undecided about the better approach for a situation where I use services such as servers from a provider for which I also see some Firewall events like crawlers, etc., and would like to block requests coming from the provider by its AS number while still bypassing the given IP addresses or IP range which I use from the same provider.
a) Should I create a Firewall rule like: if the request is coming from AS number 12345 and the IP address is not my IP address (or IP range)?
(ip.geoip.asnum eq 12345 and not ip.src in {123.012.34.56 168.178.65.31})
b) Should I add AS number 12345 to IP Access Rules with “block” as an action, but also add my IP address(es) or IP range with “bypass”?
c) Should I add AS number 12345 to IP Access Rules and then create a Firewall rule to “bypass” my IP address(es) or IP range? I assume IP Access Rules will be executed before Firewall Rules, or am I wrong about that?
I am interested, for example in case b), in what the priority is here.
Will my IP address(es) or IP range be “bypassed” regarding the whole AS number being “blocked” (as the IP address belongs to that AS number) or not?
May I ask for a suggestion from practice, which approach should a Cloudflare user consider a good one and go with it?