nanog mailing list archives
Re: Akamai WAF
From: Michel 'ic' Luczak <lists () benappy com>
Date: Fri, 18 May 2018 16:43:26 +0200
Hi,
On 18 May 2018, at 16:22, Justin Wilson <lists () mtin net> wrote: I have a client with a /24 that has somehow been blocked by folks using the Akamai WAF. This is the response we received back from Akamai when we contacted them.On checking the machine logs for ups.com <http://ups.com/>, we found that there is WAF (web application firewall) configured by ups.com <http://ups.com/>, this has to be fixed from the site owners end.This is happening with multiple sites, southwest.com is another. I find it odd multiple sites are doing this at the same time. If just one I would believe it was a manual configuration. It seems like something has triggered it. Can someone shed some light on how the WAF works?
As far as I know they have some kind of scoring in place for end users IPs so if there is a malicious IP inside the /24 (from Akamai’s WAF point of view) then the scoring can affect other WAFed services as well. BR, ic
Current thread:
- Akamai WAF Justin Wilson (May 18)
- Re: Akamai WAF Michel 'ic' Luczak (May 18)
- Re: Akamai WAF Mike Hammett (May 18)
- Re: Akamai WAF Jeff (May 18)
- Re: Akamai WAF Mike Hammett (May 18)
- Re: Akamai WAF Michel 'ic' Luczak (May 18)