Should I block cloud platforms AS Number?

Hi, everyone. I read a post that says bad traffic usually comes from cloud platforms. Therefore, Those platforms’ AS Numbers should be blocked. But how can I know if the traffic in the screenshot is bad traffic?

Well, once I spot some odd requests like crawling bots, python-ish or WordPress related, I block the ASN, especially if I don’t use their hosting service. Before doing it so, I check the “type” of the AS using the ipinfo.io → Hosting/Business/ISP just in case to not block the regular users from accessing my website.

From your screenshot above, to me it seems like a normal visitor as far as new and updated Web browser based on a user-agent string and HTTP version.
Also, someone might use Linode VPS as a VPN (like users from China, etc.) :thinking:

1 Like

Thank you. Then how can I block bad traffic from the cloud while not blocking real users?

You can’t. Almost any cloud platform has the ability to host a legitimate user in some fashion (Bob spins up a VM in GCP to browse from a private machine while at work).

Blocking all bots / scrapers / scanning tools is a Sisyphean task with diminishing returns.

2 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.