My company has been using the same IPv4 address for more than a decade. We are suddenly having difficulty getting to web sites and apps such as Zoom. The common denominator with all these problems is Cloudflare. Digging into the details, I found that Cloudflare #cdn is returning 403 errors for any query coming from my address. Since I am not a paying customer, there is no way to interact with their customer support. From what I can read, the recommendation Cloudflare gives is to contact each Cloudflare client and request to be added to the client’s firewall exception. There is no practical way to know all the clients of Cloudflare or to contact each of them. There are many that I have tried to contact that don’t respond or point the finger back at Cloudflare.
What is the way to get the attention of someone that can remove my address from the block list?
To the best of my understanding, Cloudflare does not maintain a block list. It does assess the threat level each IP poses based on the IP recent behavior. You’d need to investigate your network for the presence of malware or compromised credentials that could allow bad actors to use your IP address as part of a malicious botnet. To be honest, even then I think the chances of what you are experiencing being a result of a Cloudflare high threat-score are dim. Your IP would need to send out massive amounts of malicious requests for Cloudflare to elevate the threat score to a point where you’d be blocked.
So, yes, what you’re experiencing is in all likelihood the result of Cloudflare tools being used and set by website administrators.
Another issue you could investigate at your end is whether your company makes use of an outbound proxy service (for performance, security etc) that may make your individual machines look like bots to the eyes of Cloudflare. Some of Cloudflare’s bot fighting tools are still a bit blunt, but it’s up to individual site admins to enable and config those tools.
There’s nothing Cloudflare or any member of this community can do to help you with that. So, yes, you need to contact each site’s administrator.