Using ASNs in Cloudflare to block malicious crawlers
Recently, our website was targeted by web crawlers. These crawlers kept changing their IP addresses, making it difficult to block them effectively. After some research, we found a solution by blocking their ASN.
🧭 What is an ASN?
ASN (Autonomous System Number) is a unique number assigned to an autonomous system (AS) on the internet. An autonomous system is a group of IP routing prefixes managed by one or more network operators with a unified routing policy. ASN is used in the Border Gateway Protocol (BGP) to exchange routing information and helps networks identify and manage data transmission paths.
Each autonomous system on the internet has a unique ASN, which identifies it in BGP routing. There are two ASN formats:
- 16-bit ASNs range from 1 to 65534
- 32-bit ASNs range from 131072 to 4294967294
The main purpose of ASN is to enable routing information exchange between autonomous systems and ensure that data packets travel through the most efficient paths.
By using Cloudflare’s Firewall Rules, you can block malicious crawlers based on their ASN. Here's how to do it:
Step 1: Identify the ASN of the crawler
You can identify the IP addresses of the malicious crawlers through logs or traffic analytics, then look up their corresponding ASN online.
For example:
- Use tools like ipinfo.io or bgp.he.net to check the ASN of an IP address.
Step 2: Configure in Cloudflare
- Go to the Cloudflare dashboard and select your website.
- In the left menu, click Security > WAF > Firewall Rules.
- Click Create a firewall rule.
Set the rule as follows:
- Field: ip.geoip.asnum
- Operator: equals, or in (for multiple ASNs)
- Value: Enter the ASN(s), for example AS12345 (in the rule expression the number is written without the AS prefix: 12345)
Example Rule:
ip.geoip.asnum in {12345 54321}
Action
- Set the action to Block or Challenge.
Effect
The rule takes effect immediately. Any IP address under the specified ASN(s) will no longer be able to access your website directly, even when the crawler rotates to another address within the same ASN.
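Steps 1 and 2 combined, as an added example that is not code from the original article: it groups the client IPs in an access log by ASN and emits the rule expression for every ASN at or above a request threshold. The prefix-to-ASN table, log lines, function names and threshold are constructed for illustration; real mappings would come from a lookup tool such as ipinfo.io or bgp.he.net.

```python
import ipaddress
from collections import defaultdict

# Constructed prefix-to-ASN table: documentation prefixes (RFC 5737) and
# documentation ASNs (RFC 5398) stand in for real lookup results.
PREFIX_TO_ASN = [
    (ipaddress.ip_network("192.0.2.0/24"), 64496),
    (ipaddress.ip_network("203.0.113.0/24"), 64496),
    (ipaddress.ip_network("198.51.100.0/24"), 64497),
]

# Constructed access-log lines; the client IP is the first field.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2025:10:00:01 +0000] "GET /p/1 HTTP/1.1" 200 512
203.0.113.44 - - [01/Jan/2025:10:00:02 +0000] "GET /p/2 HTTP/1.1" 200 498
192.0.2.77 - - [01/Jan/2025:10:00:03 +0000] "GET /p/3 HTTP/1.1" 200 530
203.0.113.9 - - [01/Jan/2025:10:00:04 +0000] "GET /p/4 HTTP/1.1" 200 501
198.51.100.7 - - [01/Jan/2025:10:00:05 +0000] "GET / HTTP/1.1" 200 1024
not-an-ip - - [01/Jan/2025:10:00:06 +0000] "GET / HTTP/1.1" 400 0
"""

def asn_for(ip_text):
    """Return the ASN for an IP, or None if unparseable or not in the table."""
    try:
        addr = ipaddress.ip_address(ip_text)
    except ValueError:
        return None
    return next((asn for net, asn in PREFIX_TO_ASN if addr in net), None)

def summarize_by_asn(log_text):
    """Map ASN -> {"requests": n, "ips": set of distinct client IPs}."""
    stats = defaultdict(lambda: {"requests": 0, "ips": set()})
    for line in log_text.splitlines():
        fields = line.split()
        asn = asn_for(fields[0]) if fields else None
        if asn is not None:
            stats[asn]["requests"] += 1
            stats[asn]["ips"].add(fields[0])
    return dict(stats)

def build_rule(stats, min_requests):
    """Build the rule expression for ASNs at or above the request threshold."""
    asns = sorted(a for a, s in stats.items() if s["requests"] >= min_requests)
    return "ip.geoip.asnum in {" + " ".join(map(str, asns)) + "}" if asns else None

if __name__ == "__main__":
    print(build_rule(summarize_by_asn(SAMPLE_LOG), min_requests=3))
```

In the sample, no single IP appears more than once, so per-IP counting shows nothing unusual, while the per-ASN total exposes the rotating source.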
☁️ Common Cloud Providers and Their ASNs
Below are some common cloud providers and their Autonomous System Numbers (ASN). You can use this information to configure firewall rules in Cloudflare to identify or block traffic from specific providers:
| Cloud Provider | ASN | Notes |
|---|---|---|
| Amazon Web Services (AWS) | AS16509, AS14618, AS8987 | AWS uses multiple ASNs depending on region and service type. |
| Google Cloud Platform (GCP) | AS15169, AS19527, AS396982 | Google’s main ASNs used for global infrastructure. |
| Microsoft Azure | AS8075, AS3598, AS8070 | Microsoft uses several ASNs covering Azure services. |
| Alibaba Cloud | AS37963, AS45102, AS58593 | Alibaba Cloud uses different ASNs in different regions. |
| Oracle Cloud | AS31898 | Oracle’s primary ASN. |
| IBM Cloud | AS36351 | IBM Cloud’s main ASN. |
| DigitalOcean | AS14061 | DigitalOcean’s main ASN. |
| Hetzner Online | AS24940 | Hetzner’s main ASN. |
| OVHcloud | AS16276 | OVH’s main ASN. |
| Linode | AS63949 | Linode’s main ASN. |