This is terrible advice, but you might need another netblock for the eyeballs. Possibly a small one with enterprise NAT, but something outside the AWS list ranges...
-George On Mon, Feb 19, 2024 at 7:35 PM Justin H. <justindh...@gmail.com> wrote: > That matches my experience with these types of problems in the past. > Especially when the end-users don't have a process for white-listing. > We actually got a response from one WAF user to "connect to another > network to log in, then you should be able to use the site, because it's > just the login page that's protected". > > I am working with someone off-list, so I have hope this can be resolved > without account gymnastics. :) > > Justin H. > > Owen DeLong wrote: > > The whole situation with these WAF as a service setups is a nightmare > for the affected (afflicted) parties. > > > > I saw this problem from both sides when I was at Akamai. It’s not great > from the service provider side, but it’s an absolute shit show for anyone > on the wrong side of a block. There’s no accountability or process for > redress of errors whatsoever. The impacted party isn’t a customer of the > WAF publisher, so they cant get any traction there. The WAF subscriber > blindly applies the WAF and it’s virtually impossible to track down anyone > there who even knows that they subscribe to such a thing, let alone get > them to take useful action. > > > > Best of luck. The only thing I saw that worked while I was at Akamai > was a few entities subscribed to the WAF service and then complained about > getting blocked from their own web sites. Since they were then Akamai WAF > customers, they could get Akamai to take action. > > > > Crazy. > > > > Owen > > > > > >> On Feb 16, 2024, at 09:19, Justin H. <justindh...@gmail.com> wrote: > >> > >> Justin H. wrote: > >>> Hello, > >>> > >>> We found out recently that we are on the HostingProviderIPList (found > here > https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-ip-rep.html) > at AWS and it's affecting our customers' access to various websites. We > are a datacenter, and a hosting provider, but we have plenty of enterprise > customers with eyeballs. > >>> > >>> We're finding it difficult to find a technical contact that we can > reach since we're not an AWS customer. Does anyone have a contact or > advice on a solution? > >> Sadly we're not getting any traction from standard AWS support, and end > users of the WAF list like Reddit and Eventbrite are refusing to whitelist > anyone. Does anyone have any AWS contacts that might be able to assist? > Our enterprise customers are becoming more and more impacted. > >> > >> Justin H. > > -- -george william herbert george.herb...@gmail.com
