Answer these questions to help the Community help you with Security questions.
What is the domain name?
Have you searched for an answer?
Please share your search results url:
Unnecessary, they’re blocking our ASN via Cloudflare, it’s pretty obvious. I tried to open a ticket but since I don’t pay for business service, I’m not allowed to open a ticket. This is ridiculous.
When you tested your domain using the [Cloudflare Diagnostic Center](https://www.cloudflare.com/diagnostic-center/) (funny that I have to backtick the prefilled text!), what were the results?
It’s not my domain, it’s their domain, and they block ASNs at random, or perhaps block all and allow only major carriers, I don’t know.
Describe the issue you are having:
chownow(dot)com, using Cloudflare for ASN blocking, is blocking our ASN.
What error message or number are you receiving?
What steps have you taken to resolve the issue?
Contacted chownow(dot)com support
Tried to explain to Eddie F that while the account was successfully created (when I used another IP, my Zayo direct peer IP), I am still having the issue that customers using our IPs, 18.104.22.168/24 and 22.214.171.124/24, cannot access nor order via the chownow website.
Had someone point out that the error message says Cloudflare is blocking us, even though we have had zero other complaints about Cloudflare apart from Chownow, leading me to believe Chownow frontline support can’t comprehend IP blocks
Was the site working with SSL prior to adding it to Cloudflare?
What are the steps to reproduce the error:
Use our network (I would be happy to set up an anydesk/teamviewer session to a jumpbox)
Try to access chownow(dot)com
Have you tried from another browser and/or incognito mode?
Not only that, I tried from another computer entirely
Unfortunately Cloudflare offers a toolset but doesn’t control how their customers implement it. If they have decided to block your ASN you will need them to modify, Cloudflare does not control and cannot override their security decisions.
I said this, but my customer insisted I open a ticket with cloudflare, and was dissatisfied with my attempt to contact chownow again. There’s an off chance that cloudflare can contact the right division of chownow whereas I cannot get past the gatekeeper, Eddie F.
I’m pretty sure this is their security through obscurity technique, they’ve created an allow list and block everything else. If they don’t know you’re a US ISP, you’re blocked. There’s a chance that this is a geofilter that cloudflare manages, and so if our ASN is not listed in cloudflare as a US ISP, and their filter is just “allow US ISPs”, then it is a cloudflare issue.
I tried to test this by setting up a Cloudflare account for a domain I own but don’t really use, and while I can “allow” by country, I cannot “block” by country unless I am on the enterprise plan, so I can’t test if it is seeing my ASN as being not in the US.
Scratch that, I figured out a way to test, redirects. I have it set to redirect all non US visitors to google for the cook islands, and it didn’t redirect. I then added our ASN to redirect to our homepage, and it did redirect. Odd that they’re actually doing it by ASN, and not by the filter. Maybe this is how they save money?
It is very common for certain website owners to choose to block AS numbers of cloud / hosting providers (dedicated servers, VPS, and so on), as it is very rarely that legitimate users would be connecting to a website that way.
Doing so can often limit a lot of bot traffic, or otherwise useless noise, that your site receives.
A lot of games can be played in that direction, so it probably wouldn’t be completely impossible.