Sites blocking VPN / IP ranges. Solution?

So, this is going to seem odd, at least a little.

I live in the sticks, very rural, so my only real option is to use 4G LTE as internet. It works, heck, it works great. I live near enough next door to a verizon tower so I get at least 100Mbps most days. Unfortunately this means I’m behind some rather strict NAT, CGNAT specifically. And I run a small homelab, so… that wont do. Not at all.

My solution to this has been to rent a vps from linode, install wireguard on it and use iptables to tunnel traffic directed at the vps to my openWRT vm, where it gets routed to my home network. This works great, I can finally forward ports and access my services from the internet.

Only, just now I’ve found out that Cloudflare apparently has whole ip ranges blocked, specifically from common vps providers. Or maybe its just detecting vpn traffic somehow?

Anyway, I’m getting Access denied Error code 1020

Is there a way to go about getting my specific IP whitelisted? Some other solution?
Let me be clear. Not using the VPN solution is not an option for me.

Cloudflare does not block anything by default, but the website owner, who very likely is a Cloudflare customer, very likely configured Cloudflare to do so.

At Cloudflare you have many options to block. You can filter for ASN, IP, IP ranges, country etc… and many more. But if you are blocked, then the website owners configured it to do so. Feel free to contact the website owner and ask him these questions:

Not at all! …unless the website owner decides to do so.

That does not matter at all. If you want to have access to some sites, you will have to play by the rules the website owner sets up, not by the rules you want :slight_smile:

Cloudflare will not help you here at all, Cloudflare is helping its clients/users that are using Cloudflare to protect their property against getting accessed by requests they don’t want to be accessed by.

Your only options are:

  • don’t use the technology, the website owner is blocking you for
  • don’t use a IP/IP-range the website owner is blocking you for
  • contact the website owner and ask him for help
1 Like

M4rt1n sums it up well, I block Linode on all my sites; many others also do. If the sites have re-captcha on, you could use the privacy plugin browser available on the browser store such as chrome store, but if you are getting access denied (403) then that is useless.

There are a few like Linode that are extremely toxic, so many content scrapers theifs, web attacks, web probe scans, and invalid traffic doing click farm bombs on ads I could go on. less than a few % would be legit users if that, so most just block it.

Sounds rough for you, but it will probably get worse given the global state of the world economy, most website owners need to ensure traffic sources are legit now more than ever before for ad revenue, or people running stores and avoiding high traffic costs on bad datacenter traffic, or other things that cost $$$.

If you visit https://www.ip2proxy.com does it detect as VPN? If yes, whitelisting from IP2Proxy might helps.

It’s not so uncommon these days for website owners to try to block all non-residential traffic, so unfortunately for you, it’ll only get worse if you continue to use your solution.

It’s the main reason I use Cloudflare, as it makes it fairly easy to block ASN’s for hosting providers like linode (a common source of bot traffic), the net result for me is far less automated requests and in turn, reduced bandwidth costs, server load etc.

2 Likes

Its manual 403 i am pretty sure, so manual blocks that will not work using any service, even getting whitelisted by Cloudflare bot fight mode wont help unless the rule has allow known bots only option.

Cloudflare never blocks traffic except for waf triggers, just challenges it.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.