There are other WAF lists available on AWS besides their native one. Ones that have support.
> On Feb 20, 2024, at 16:18, George Herbert <[email protected]> wrote: > > This is terrible advice, but you might need another netblock for the > eyeballs. Possibly a small one with enterprise NAT, but something outside > the AWS list ranges... > > > -George > > On Mon, Feb 19, 2024 at 7:35 PM Justin H. <[email protected] > <mailto:[email protected]>> wrote: >> That matches my experience with these types of problems in the past. >> Especially when the end-users don't have a process for white-listing. >> We actually got a response from one WAF user to "connect to another >> network to log in, then you should be able to use the site, because it's >> just the login page that's protected". >> >> I am working with someone off-list, so I have hope this can be resolved >> without account gymnastics. :) >> >> Justin H. >> >> Owen DeLong wrote: >> > The whole situation with these WAF as a service setups is a nightmare for >> > the affected (afflicted) parties. >> > >> > I saw this problem from both sides when I was at Akamai. It’s not great >> > from the service provider side, but it’s an absolute shit show for anyone >> > on the wrong side of a block. There’s no accountability or process for >> > redress of errors whatsoever. The impacted party isn’t a customer of the >> > WAF publisher, so they cant get any traction there. The WAF subscriber >> > blindly applies the WAF and it’s virtually impossible to track down anyone >> > there who even knows that they subscribe to such a thing, let alone get >> > them to take useful action. >> > >> > Best of luck. The only thing I saw that worked while I was at Akamai was >> > a few entities subscribed to the WAF service and then complained about >> > getting blocked from their own web sites. Since they were then Akamai WAF >> > customers, they could get Akamai to take action. >> > >> > Crazy. >> > >> > Owen >> > >> > >> >> On Feb 16, 2024, at 09:19, Justin H. <[email protected] >> >> <mailto:[email protected]>> wrote: >> >> >> >> Justin H. wrote: >> >>> Hello, >> >>> >> >>> We found out recently that we are on the HostingProviderIPList (found >> >>> here >> >>> https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-ip-rep.html) >> >>> at AWS and it's affecting our customers' access to various websites. >> >>> We are a datacenter, and a hosting provider, but we have plenty of >> >>> enterprise customers with eyeballs. >> >>> >> >>> We're finding it difficult to find a technical contact that we can reach >> >>> since we're not an AWS customer. Does anyone have a contact or advice >> >>> on a solution? >> >> Sadly we're not getting any traction from standard AWS support, and end >> >> users of the WAF list like Reddit and Eventbrite are refusing to >> >> whitelist anyone. Does anyone have any AWS contacts that might be able >> >> to assist? Our enterprise customers are becoming more and more impacted. >> >> >> >> Justin H. >> > > > -- > -george william herbert > [email protected] <mailto:[email protected]>
