Amazon AWS cloudfront WAF block

[paul--- via NANOG <nanog () lists nanog org>]

Hi all

Most if not all of our prefixes are on some sort of AWS WAF deny list, that or our ASN is listed. 

We are an eyeball network, geo-location websites e.g maxmind are correctly displaying the correct location and services 
for our prefixes.

We do not have a support contract with amazon aws to create a support ticket. Various websites are now blocked, e.g 
Reddit and many more. It is not feasible for us to reach out to each one to adjust their aws waf filters.

Upon emailing AWS this is their reply:

"The best course of action would be to contact Neustar and or MaxMind who are 3rd party WAF aggregators on this to 
address any issues with WAF blocking."

This is also not fair and frankly a rabbit hole we do not want to go down. These are also paid for services. AWS is 
almost holding our ASN/Prefixes as hostage to these paid for services with no easy way to check why we are being 
blocked, and getting off "some" list.

Anyone have an idea / contact or what to do?
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/NC6Q4WG7MORBQWH5BAPOHR7XK5H56OTU/