Firewall rules by IP hostname

I get a lot of traffic from amazon IPs and with PHP I can see that IP hostname is like:

ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com

It would be nice to block them by matching the IP hostname e.g “.amazonaws.com” but I understand the firewall rules http.host refers to my site’s hostname.

Can an option be added to filter by IP hostname matches?

The firewall doesn’t do hostname lookups, but you can block by AS Number for Amazon.

https://www.ultratools.com/tools/asnInfo

1 Like

Block the Amazon ASNs instead. The PTR can be changed.

@sdayman, @MarkMeyer, the OP clarified this already at Blocking *.amazonaws.com hosts. I assume this is supposed to be the matching feature request.

Just my two cents on this, I somehow doubt Cloudflare will implement that. That will require a reverse lookup for each request (some caching could certainly be done), which can take significant resources on the proxies as well as delay request handling by quite a bit.

2 Likes
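An added example, not part of the thread and not Cloudflare's code: it compares the PTR-suffix match the original post asks for with the ASN-based match the replies recommend, on the same requests. The prefix table, the private-use ASNs 64512/64513, the documentation-range IPs and the PTR names are all constructed for illustration.

```python
import ipaddress

# Constructed prefix-to-ASN table. Documentation address ranges are used, and
# private-use ASN 64512 stands in for the hosting provider to be blocked.
PREFIX_TO_ASN = {
    "192.0.2.0/24": 64512,
    "198.51.100.0/25": 64512,
    "203.0.113.0/24": 64513,
}
BLOCKED_ASNS = {64512}

# Constructed requests: (client IP, PTR name a reverse lookup would return).
REQUESTS = [
    ("192.0.2.10", "ec2-192-0-2-10.compute-1.amazonaws.com"),
    ("198.51.100.7", "mail.example.org"),   # provider network, PTR changed
    ("198.51.100.200", None),               # outside the /25, no PTR record
    ("203.0.113.5", "host5.example.net"),   # different network entirely
]

# Longest prefix first, so the most specific announcement wins.
_NETS = sorted(
    ((ipaddress.ip_network(p), asn) for p, asn in PREFIX_TO_ASN.items()),
    key=lambda item: item[0].prefixlen,
    reverse=True,
)

def asn_for(ip):
    """Return the ASN whose prefix contains ip, or None if unknown."""
    addr = ipaddress.ip_address(ip)
    for net, asn in _NETS:
        if addr.version == net.version and addr in net:
            return asn
    return None

def blocked_by_ptr(ptr, suffix=".amazonaws.com"):
    """Hostname rule: depends on a DNS record the IP's owner controls."""
    return ptr is not None and ptr.lower().rstrip(".").endswith(suffix)

def blocked_by_asn(ip):
    """ASN rule: depends only on the source address, no DNS lookup needed."""
    return asn_for(ip) in BLOCKED_ASNS

def compare(requests):
    """Return (ip, ptr_rule_blocks, asn_rule_blocks) for each request."""
    return [(ip, blocked_by_ptr(ptr), blocked_by_asn(ip)) for ip, ptr in requests]

if __name__ == "__main__":
    for ip, by_ptr, by_asn in compare(REQUESTS):
        print(f"{ip:16} ptr_rule={by_ptr!s:5} asn_rule={by_asn}")
```

The second request is the case the replies warn about: the address belongs to the blocked network, but its PTR no longer ends in the expected suffix, so only the ASN rule catches it.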