nanog mailing list archives
Re: Amazon AWS cloudfront WAF block
From: Alarig Le Lay via NANOG <nanog () lists nanog org>
Date: Thu, 29 May 2025 08:45:53 +0200
If you have some tricks on how to be removed from said blacklists, it would be much appreciated. https://www.ipqualityscore.com/free-ip-lookup-proxy-vpn-test/lookup/80.67.190.1 is listed as VPN/proxy. My guess is that because my LIR announces the whole /19 and at some point some IPs of this /19 were used as open VPN, while my IPs aren’t in that case. Alarig On Thu 29 May 2025 01:20:51 GMT, Eric C. Miller via NANOG wrote:
We're still playing whack a mole with our IP space. I've asked our corporate counsel about sending demand letters with an accusation of tortious interference. IP Quality Score seems to be a big nuisance. Check a few of your IPs on their website. No silver bullets though. Eric ________________________________ From: paul--- via NANOG <nanog () lists nanog org> Sent: Wednesday, May 28, 2025 10:18:55 AM To: nanog () lists nanog org <nanog () lists nanog org> Cc: paul@vanilla.capetown <paul@vanilla.capetown> Subject: Amazon AWS cloudfront WAF block Hi all Most if not all of our prefixes are on some sort of AWS WAF deny list, that or our ASN is listed. We are an eyeball network, geo-location websites e.g maxmind are correctly displaying the correct location and services for our prefixes. We do not have a support contract with amazon aws to create a support ticket. Various websites are now blocked, e.g Reddit and many more. It is not feasible for us to reach out to each one to adjust their aws waf filters. Upon emailing AWS this is their reply: "The best course of action would be to contact Neustar and or MaxMind who are 3rd party WAF aggregators on this to address any issues with WAF blocking." This is also not fair and frankly a rabbit hole we do not want to go down. These are also paid for services. AWS is almost holding our ASN/Prefixes as hostage to these paid for services with no easy way to check why we are being blocked, and getting off "some" list. Anyone have an idea / contact or what to do? _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog () lists nanog org/message/NC6Q4WG7MORBQWH5BAPOHR7XK5H56OTU/ _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog () lists nanog org/message/K7TEXONRYLQWZPUDTOPQ5SI5WFZJ6TAM/
_______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog () lists nanog org/message/ATXOSE2H43LNIVEX4H6RLOURLKXRBWER/
Current thread:
- Re: Amazon AWS cloudfront WAF block, (continued)
- Re: Amazon AWS cloudfront WAF block William Herrin via NANOG (May 29)
- Re: Amazon AWS cloudfront WAF block Eric C. Miller via NANOG (May 29)
- Engineering problems, not legal problems [was: Amazon AWS cloudfront WAF block] patrick via NANOG (May 29)
- Re: Engineering problems, not legal problems [was: Amazon AWS cloudfront WAF block] William Herrin via NANOG (May 29)
- Re: Engineering problems, not legal problems [was: Amazon AWS cloudfront WAF block] patrick via NANOG (May 29)
- Re: Engineering problems, not legal problems [was: Amazon AWS cloudfront WAF block] Tom Beecher via NANOG (May 29)
- Re: Amazon AWS cloudfront WAF block Tom Beecher via NANOG (May 29)
- Re: Amazon AWS cloudfront WAF block William Herrin via NANOG (May 29)
- Re: Amazon AWS cloudfront WAF block Eric C. Miller via NANOG (May 29)
- Re: Amazon AWS cloudfront WAF block Tom Beecher via NANOG (May 29)