Re: Amazon AWS cloudfront WAF block

["Eric C. Miller via NANOG" <nanog () lists nanog org>]

We're still playing whack a mole with our IP space. I've asked our corporate counsel about sending demand letters with 
an accusation of tortious interference.

IP Quality Score seems to be a big nuisance. Check a few of your IPs on their website.

No silver bullets though.

Eric


________________________________
From: paul--- via NANOG <nanog () lists nanog org>
Sent: Wednesday, May 28, 2025 10:18:55 AM
To: nanog () lists nanog org <nanog () lists nanog org>
Cc: paul@vanilla.capetown <paul@vanilla.capetown>
Subject: Amazon AWS cloudfront WAF block

Hi all

Most if not all of our prefixes are on some sort of AWS WAF deny list, that or our ASN is listed.

We are an eyeball network, geo-location websites e.g maxmind are correctly displaying the correct location and services 
for our prefixes.

We do not have a support contract with amazon aws to create a support ticket. Various websites are now blocked, e.g 
Reddit and many more. It is not feasible for us to reach out to each one to adjust their aws waf filters.

Upon emailing AWS this is their reply:

"The best course of action would be to contact Neustar and or MaxMind who are 3rd party WAF aggregators on this to 
address any issues with WAF blocking."

This is also not fair and frankly a rabbit hole we do not want to go down. These are also paid for services. AWS is 
almost holding our ASN/Prefixes as hostage to these paid for services with no easy way to check why we are being 
blocked, and getting off "some" list.

Anyone have an idea / contact or what to do?
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/NC6Q4WG7MORBQWH5BAPOHR7XK5H56OTU/
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/K7TEXONRYLQWZPUDTOPQ5SI5WFZJ6TAM/