WordPress Security: Block or Challenge ASN Numbers


I don’t usually recommend blocking ASN numbers because if you don’t do it right, you might end up blocking real users.

Blocking ASN numbers can be easily done with the Cloudflare Firewall Rules.

The good thing about Cloudflare rules is that you have way more options than blocking.

You can use a JavaScript challenge or a managed challenge instead.

How to Block ASN with CFR

Blocking or challenging traffic coming from different hosting providers is quite easy.

  1. You can name the firewall rule any name you want
  2. Choose AS Num from the field options
  3. Choose “equals” from the operator options
  4. Add the “ASN Number” in the value field
  5. Choose “or”
  6. Add another “ASN Number”
  7. Repeat the process if you need to
  8. Choose an action.

What ASN Numbers to Block?

You need to create firewall rules to block sensitive areas of your site such as the login page.

Then check the logs and see the most common hosting providers used to attack that page.

At the moment of writing this post, I noticed lots of attacks coming from Cloud Asset so this ASN will be blocked or challenged from now on.

Cloud Assets ASN

You can also rely on a list of problematic companies created by a third-party website such as the one provided by Spamhaus.
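The log review described above and the "equals"/"or" rule from the earlier steps can be combined in one script. This is an added example, not part of the original post: the event field names (`clientAsn`, `clientRequestPath`), the sample events and the allow-listed ASN 64512 are assumptions to adapt to your own log export. `ip.geoip.asnum` is the expression field behind the "AS Num" option.

```python
import json
from collections import Counter

# Constructed sample: one JSON event per line, plus one malformed line.
# Field names are assumptions; rename them to match your log export.
SAMPLE_LOG = "\n".join(
    [json.dumps({"clientAsn": asn, "clientRequestPath": path}) for asn, path in [
        (212441, "/wp-login.php"), (212441, "/wp-login.php"), (212441, "/wp-login.php"),
        (16276, "/wp-login.php"), (16276, "/wp-login.php"),
        (14061, "/wp-login.php"),
        (64512, "/wp-login.php"), (64512, "/wp-login.php"),  # private-use ASN, stands in for a service you rely on
        (212441, "/"),                                       # not the login page, ignored
    ]] + ["truncated-line{"]
)

def count_login_asns(lines, path="/wp-login.php"):
    """Count events per ASN that hit the protected path; skip unusable lines."""
    counts = Counter()
    for line in lines:
        try:
            event = json.loads(line)
            if event.get("clientRequestPath") != path:
                continue
            counts[int(event["clientAsn"])] += 1
        except (json.JSONDecodeError, KeyError, TypeError, ValueError, AttributeError):
            continue  # malformed or incomplete record
    return counts

def build_expression(counts, min_hits, allow_asns=()):
    """Build the 'AS Num equals X or AS Num equals Y' rule expression.

    ASNs below min_hits, or listed in allow_asns, are left out so that
    networks you depend on are never challenged by this rule.
    """
    picked = sorted(a for a, n in counts.items()
                    if n >= min_hits and a not in allow_asns)
    return " or ".join(f"(ip.geoip.asnum eq {a})" for a in picked)

if __name__ == "__main__":
    counts = count_login_asns(SAMPLE_LOG.splitlines())
    for asn, hits in counts.most_common():
        print(f"AS{asn}: {hits} login-page events")
    print(build_expression(counts, min_hits=2, allow_asns={64512}))
```

Paste the printed expression into the rule's expression editor and pick a challenge action first, so a wrongly listed network costs visitors a challenge rather than a block.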

List of Worst ASN

These are some of the worst ASNs based on my Cloudflare logs

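| ASN    | Company       | Country       |
|--------|---------------|---------------|
| 208046 | Hotslick      | Germany       |
| 16276  | OVH           | France        |
| 9070   | CoolBox       | Bulgaria      |
| 14061  | Digital Ocean | United States |
| 213230 | Hetzner       | Germany       |
| 212441 | CloudAssets   | Russia        |
| 20473  | AS Choopa     | France        |
| 53667  | Pony          | United States |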

Keep in Mind

Remember that this rule can’t be the only one you use to protect your WordPress sites.

Blocking ASN numbers must complement other firewall rules.

Also, remember to check the logs from time to time and see if real visitors and companies are getting blocked by the rule.

For example:

  • If you use SEMRush, create an exception for it using the “allow” action. To do that you need to create a different rule and whitelist the user agent.
  • If you are using an ad network such as Ezoic, blocking Amazon servers by ASN would be a terrible idea.

More about WordPress Security

If you care or have concerns about the security of your WordPress site, check these posts before you leave

  1. How to Secure your Login Page using CloudFlare
  2. WordFence: Love it or Leave it
  3. Hacking Attacks will Never Stop
  4. Protect your WordPress Site with CloudFlare Firewall Rules
  5. WordPress Security without Plugins

About Jose Manuel

I am José Manuel. I am writing about things I know and things that I am learning about WordPress. I hope you find this blog useful.