Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop

Categories

In this Discussion

Home Help
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

block/redirect all requests from an isp

hyperblasthyperblast Member
in Help

i would like to block all access to my website (webserver apache) coming from a specific isp.
how do i find out all ip-blocks of the isp? is it also possible that all requests from the blocked isp are redirected to a special page?

i find it challenging to identify all ips to the isp.
or is that not such a big problem?

chatgpt only gives me this feedback:

<RequireAll>
    Require all granted
    Require not ip 123.45.67.0/24
    Require not ip 124.56.78.0/16
</RequireAll>

Comments

  • COLBYLICIOUSCOLBYLICIOUS Member

    If you got Cloudflare on the website you can do that using Page Rules.

    Thanked by 2hyperblast xemaps
  • kaitkait Member

    What ISP (ASN) are we talking about? Making it automated won't be fun but making a scraper that just scraps all the prefixes aint that hard.

    Thanked by 1hyperblast
  • hyperblasthyperblast Member

    @kait said:
    What ISP (ASN) are we talking about? Making it automated won't be fun but making a scraper that just scraps all the prefixes aint that hard.

    AS8767

  • hyperblasthyperblast Member

    @COLBYLICIOUS said:
    If you got Cloudflare on the website you can do that using Page Rules.

    i know, but website should not be cloudflared. ;)

    Thanked by 2COLBYLICIOUS kaisercloud
  • yoursunnyyoursunny Member, IPv6 Advocate

    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

    Thanked by 4COLBYLICIOUS kaisercloud emaiI emg88
  • emghemgh Member, Megathread Squad

    @yoursunny said:
    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

    Blocked.

    Thanked by 1COLBYLICIOUS
  • hyperblasthyperblast Member
    edited January 2025

    @yoursunny said:
    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

    for which requests is it worth blocking an isp?
    we ((c) yoursunny) are of the opinion that we can make use of our domiciliary rights in special cases.

  • layer7layer7 Member, Host Rep, LIR
    edited January 2025

    @yoursunny said:
    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

    Hi,

    and hrhr... dying hard in DDOS? :>

    @hyperblast

    there are different websites offering information like this.

    For example you could grep

    https://bgp.he.net/AS8767#_prefixes

    To get a list.

    But AS8767 is actually an access provider. Sure you want to block it? I assume you have an issue with one of their customers. Maybe blocking them would be more effective to have less false positive...

    Thanked by 1hyperblast
  • lukast__lukast__ Member, Megathread Squad
    edited January 2025

    You could just use https://api.bgpview.io/asn/8767/prefixes or download https://bgp.tools/table.txt and grep for that ASN.

    Thanked by 3hyperblast sh97 0xC7
  • hyperblasthyperblast Member

    @layer7 said:

    @yoursunny said:
    Mentally strong people allow equal access to information for everyone and do not block any ISP for GET requests.

    Hi,

    and hrhr... dying hard in DDOS? :>

    @hyperblast

    there are different websites offering information like this.

    For example you could grep

    https://bgp.he.net/AS8767#_prefixes

    To get a list.

    But AS8767 is actually an access provider. Sure you want to block it? I assume you have an issue with one of their customers. Maybe blocking them would be more effective to have less false positive...

    i am sure! ;)

  • forghaniforghani Member
    edited January 2025

    I think best solution would be putting your server behind a reverse proxy like cloudflare or other cdns, and the that configure that proxy to block access from certain IP subnets. To do so look for ASN of that ISP and get list of IP subnets. Then create a rule in cloudflare dashboard to deny access from these ip subnets.

    Thanked by 2hyperblast xemaps
Sign In or Register to comment.