18.104.22.168/18 is a Yandex subnet. Buf your WAF rule 100203 “Anomaly:Header:User-Agent - Fake Yandex Bot” blockng requests from this subnet.
IPs essentially mean nothing when dealing with site attacks. Please post the Yandex bot UA; that would be a bit more helpful. From my experience, the WAF is to be trusted.
That a CF issue for sure. Despite the fact that ASN and (obviously) IP belong to Yandex LLC, WAF still thinks its a fake bot. It is really major, business critical issue for those who ranks for Yandex search.
As far as I can see, issue has been reported multiple times since April and yet few months later its still not fixed.
Temporary solution would be to disable this exact WAF rule. I’ve tried to add this ASN to IP whitelist but cannot confirm if this fixes the issue. I’m not yet sure what takes precedence: WAF or Whitelist.
We also have this problem since may. Ticket #2178478
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.