I don’t usually recommend blocking ASN numbers because if you don’t do it right, you might end up blocking real users.
Blocking ASNs is easy to do with Cloudflare Firewall Rules.
The good thing about Cloudflare rules is that you have way more options than blocking.
How to Block ASN with CFR
Blocking or challenging traffic coming from different hosting providers is quite easy.
- You can name the firewall rule any name you want
- Choose AS Num from the field options
- Choose “equals” from the operator options
- Add the “ASN Number” in the value field
- Choose “or”
- Add another “ASN Number”
- Repeat the process if you need to
- Choose an action.
What ASN Numbers to Block?
First, create firewall rules that block access to sensitive areas of your site, such as the login page.
Then check the logs and see which hosting providers are most commonly used to attack that page.
At the moment of writing this post, I noticed lots of attacks coming from Cloud Asset, so this ASN will be blocked or challenged from now on.
You can also rely on a list of problematic companies maintained by a third-party website, such as the one provided by Spamhaus.
List of Worst ASN
These are some of the worst ASNs based on my Cloudflare logs
| 14061 | Digital Ocean | United States |
Keep in Mind
Remember that this rule can’t be the only one you use to protect your WordPress sites.
Blocking ASN numbers must complement other firewall rules.
Also, remember to check the logs from time to time and see if real visitors and companies are getting blocked by the rule.
- If you use SEMRush, create an exception for it using the “allow” action. To do that you need to create a different rule and whitelist the user agent.
- If you are using an ad network such as Ezoic, blocking Amazon servers by ASN would be a terrible idea.
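The log review from "What ASN Numbers to Block?" and the false-positive check above can be scripted together. This is an added example, not code from the original post. The log field names (ClientASN, ClientRequestPath), the thresholds, the helper names and ASNs 64500-64502 (numbers reserved for documentation) are assumptions, and the events are constructed. `ip.geoip.asnum` is assumed to be the expression-editor name of the AS Num field.

```python
import json
from collections import Counter

def sample_lines():
    """Constructed firewall events as JSON lines (field names are assumed)."""
    rows = [(14061, "/wp-login.php", 5), (64500, "/wp-login.php", 4),
            (64501, "/wp-login.php", 3), (64501, "/blog/post", 6),
            (64502, "/wp-login.php", 1)]
    return [json.dumps({"ClientASN": asn, "ClientRequestPath": path})
            for asn, path, count in rows for _ in range(count)]

def rank_login_asns(lines, login_path="/wp-login.php"):
    """Return [(asn, login_hits, other_hits)], busiest login source first."""
    login, other = Counter(), Counter()
    for line in lines:
        if not line.strip():
            continue
        event = json.loads(line)
        is_login = event["ClientRequestPath"].startswith(login_path)
        (login if is_login else other)[event["ClientASN"]] += 1
    return [(asn, hits, other[asn]) for asn, hits in login.most_common()]

def pick_candidates(ranked, min_hits=3, max_other_ratio=0.2, allow=()):
    """Keep ASNs that hit the login page often and send little else.

    An ASN that also requests ordinary pages probably carries real
    visitors, so it is left for manual review instead of being blocked.
    `allow` holds ASNs you depend on (an ad network, an SEO crawler).
    """
    picked = []
    for asn, hits, rest in ranked:
        if asn in allow or hits < min_hits:
            continue
        if rest / (hits + rest) <= max_other_ratio:
            picked.append(asn)
    return picked

def build_expression(asns):
    """Build the same 'equals ... or ...' chain the rule builder produces."""
    return " or ".join(f"(ip.geoip.asnum eq {asn})" for asn in asns)

if __name__ == "__main__":
    ranked = rank_login_asns(sample_lines())
    for asn, hits, rest in ranked:
        print(f"AS{asn}: {hits} login hits, {rest} other requests")
    print(build_expression(pick_candidates(ranked)))
```

Start with the challenge action on the generated expression and rerun the tally after a few days before switching to block.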