Is there a way to whitelist/verify IP my addresses/block on Cloudflare?

What is the name of the domain?

none

What is the issue you’re encountering

Cloudflare intercepts me from accessing sites it allegedly protects, presumably because of the nature of my IP addresses. Two months ago I got locked out from accessing Cloudflare itself because it wrongly formed conclusions based on my addresses — as it does — and decided to make me confirm it over email—which it handles the records for. With the server being down, contacting support over a form I got silence, and no way to change it, I got locked out for a month until I somehow managed to use an API key and poor RESTful API skills to re-route, at which point it decided not to CAPTCHA me anymore.

What steps have you taken to resolve the issue?

As a client none. As a server these addresses are actual entries on zone records Cloudflare is authoritative for, complete with proper rDNS. I assumed a long time ago, correctly so, that it would do more harm than good so I took of my domains off of Cloudflare’s proxy service so I wouldn’t be blocking legitimate users like I’m being blocked myself, but I still need to find a way how to verify my static addresses, something I shouldn’t have to do, so that downloads started from a script or in other complex scenarios, or framed pages such as EULAs, or things like that won’t fail.

What are the steps to reproduce the issue?

It would seem that Cloudflare is listening to these coercive IP reputation lists that target ASNs. “Level 3” as they call themselves. As tenants on a service we have, and should have no say on what other tenants sharing that ASN do, the same goes — within reason, e.g. unless customers harm other customers/network, that sort of thing — for the service provider. I noticed it started happening a few years back when after a change of addresses I got an ASN report on it. While I’m able to clear up the reports on each address (and /48 block from Hurricane Electric, another shared ASN) individually, I can’t do anything about the ASN. This one list just happened to know of a service that for a yearly fee per address, it might or it might not prevent it from appearing on that list, not its competitors though; hence coercive. Sometimes it happens on mobile too, which is yet another shared ASN.

Hi there,

Cloudflare will not block any user unless instructed to by your settings. Even if the user is on a given list, or if the IP as a certain reputation, or even if it’s 100% a bot. It is all configurable and each of our customer is free to choose the types of traffic they want to allow through to their zone. Heck, they can even disable the firewall completely if that’s what they’d like.

Having said this, if you’re being blocked from accessing certain Cloudflare protected websites is because their owners have chosen to block you. Likely not you in particular, but they have certain rules to apply blocks to certain requests under certain conditions in which your requests are falling into.

My advice is that if you feel like you’re being wrongfully blocked, you should contact the owners of the domains you’re trying to browse to, because we will certainly not change our customers settings against their will.

Take care.

1 Like