Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


block/redirect all requests from an isp
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

block/redirect all requests from an isp

i would like to block all access to my website (webserver apache) coming from a specific isp.
how do i find out all ip-blocks of the isp? is it also possible that all requests from the blocked isp are redirected to a special page?

i find it challenging to identify all ips to the isp.
or is that not such a big problem?

chatgpt only gives me this feedback:

<RequireAll>
    Require all granted
    Require not ip 123.45.67.0/24
    Require not ip 124.56.78.0/16
</RequireAll>

Comments

  • If you got Cloudflare on the website you can do that using Page Rules.

    Thanked by 1hyperblast
  • kaitkait Member

    What ISP (ASN) are we talking about? Making it automated won't be fun but making a scraper that just scraps all the prefixes aint that hard.

    Thanked by 1hyperblast
  • @kait said:
    What ISP (ASN) are we talking about? Making it automated won't be fun but making a scraper that just scraps all the prefixes aint that hard.

    AS8767

  • @COLBYLICIOUS said:
    If you got Cloudflare on the website you can do that using Page Rules.

    i know, but website should not be cloudflared. ;)

  • yoursunnyyoursunny Member, IPv6 Advocate

    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

  • emghemgh Member, Megathread Squad

    @yoursunny said:
    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

    Blocked.

    Thanked by 1COLBYLICIOUS
  • hyperblasthyperblast Member
    edited January 13

    @yoursunny said:
    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

    for which requests is it worth blocking an isp?
    we ((c) yoursunny) are of the opinion that we can make use of our domiciliary rights in special cases.

  • layer7layer7 Member, Host Rep, LIR
    edited January 13

    @yoursunny said:
    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

    Hi,

    and hrhr... dying hard in DDOS? :>

    @hyperblast

    there are different websites offering information like this.

    For example you could grep

    https://bgp.he.net/AS8767#_prefixes

    To get a list.

    But AS8767 is actually an access provider. Sure you want to block it? I assume you have an issue with one of their customers. Maybe blocking them would be more effective to have less false positive...

    Thanked by 1hyperblast
  • lukast__lukast__ Member, Megathread Squad
    edited January 13

    You could just use https://api.bgpview.io/asn/8767/prefixes or download https://bgp.tools/table.txt and grep for that ASN.

    Thanked by 3hyperblast sh97 0xC7
  • @layer7 said:

    @yoursunny said:
    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

    Hi,

    and hrhr... dying hard in DDOS? :>

    @hyperblast

    there are different websites offering information like this.

    For example you could grep

    https://bgp.he.net/AS8767#_prefixes

    To get a list.

    But AS8767 is actually an access provider. Sure you want to block it? I assume you have an issue with one of their customers. Maybe blocking them would be more effective to have less false positive...

    i am sure! ;)

  • forghaniforghani Member
    edited January 31

    I think best solution would be putting your server behind a reverse proxy like cloudflare or other cdns, and the that configure that proxy to block access from certain IP subnets. To do so look for ASN of that ISP and get list of IP subnets. Then create a rule in cloudflare dashboard to deny access from these ip subnets.

    Thanked by 1hyperblast
Sign In or Register to comment.