Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


jamesrt

1609 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

#318701 13-Feb-2025 09:03
Send private message

Hi, 

 

 

 

In the last couple of days, I'm getting 'access blocked' messages from my work laptop/network.

 

 

 

Presume this isn't a widespread issue? 

 

 

 

Example RayID 910f29cefce8dfb5


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
Handsomedan
7284 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #3342253 13-Feb-2025 09:06
Send private message

Happening to me too. Assumed this was a “work thing”…





Handsome Dan Has Spoken.
Handsome Dan needs to stop adding three dots to every sentence...

 

Handsome Dan does not currently have a side hustle as the mascot for Yale 

 

 

 

*Gladly accepting donations...




  #3342309 13-Feb-2025 09:26
Send private message

Just happened to me too. Getting blocked from my laptop but not my phone which is connected to the same corporate wifi network?


jamesrt

1609 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #3342320 13-Feb-2025 09:33
Send private message

I too can get in on my phone, which is on the corporate WiFi. However, the phone will be bypassing the corporate proxy servers. 

 

 




freitasm
BDFL - Memuneh
79257 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3342326 13-Feb-2025 09:46
Send private message

Thanks for the Ray ID @jamesrt - this is the only way I can trace this kind of thing.

 

Could you please try again folks?





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


  #3342332 13-Feb-2025 09:50
Send private message

All good here. Thanks @freitasm

 

 


jamesrt

1609 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #3342333 13-Feb-2025 09:52
Send private message

Am also now OK from work laptop - there was a capture challenge thing, but that seemed to be automatically processed.


freitasm
BDFL - Memuneh
79257 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3342335 13-Feb-2025 09:57
Send private message

Yes. The network your work is using is also used by some bots I do not consider worthy of accessing Geekzone.

 

So the challenge is the best compromise. It should block these Bad Bots and be just a small thing for legitimate users.





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
BlakJak
1275 posts

Uber Geek

Trusted

  #3342336 13-Feb-2025 10:04
Send private message

This hit me too. The network you're referring to is 'ZScaler' in my case which is a large web access service used by corporates.... and very much not 'botty'. 
If you have concerns about traffic you're seeing from ZScaler IP addresses, let me know and I can put you in touch with someone in their NZ office.





No signature to see here, move along...

ANglEAUT
2320 posts

Uber Geek

Trusted
Lifetime subscriber

  #3342343 13-Feb-2025 10:18
Send private message

BlakJak: This hit me too. The network you're referring to is 'ZScaler' in my case ... 

 

Same here. Was working fine yesterday, but not 1st thing this morning. Now all good again.





Please keep this GZ community vibrant by contributing in a constructive & respectful manner.


freitasm
BDFL - Memuneh
79257 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3342460 13-Feb-2025 11:10
Send private message

BlakJak:

 

This hit me too. The network you're referring to is 'ZScaler' in my case which is a large web access service used by corporates.... and very much not 'botty'.

 

If you have concerns about traffic you're seeing from ZScaler IP addresses, let me know and I can put you in touch with someone in their NZ office.

 

 

As explained in the PM, it seems the ZScaler ASN is being used by companies that deploy automated website scraping. This may include AI bots, because this is the blocking rule that affected you folks.

 

Just because ZScaler is used by "corporates" doesn't mean it can't be used by automated processes by some of their clients. Same with other cloud providers. 

 

I have tweaked the rule to allow humans to pass. 





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


freitasm
BDFL - Memuneh
79257 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3342462 13-Feb-2025 11:16
Send private message

To clarify, the blocking rule includes AI crawlers, SEO bots, monitors and security scanners:

 

 

Those are bots that have no place accessing Geekzone. We don't use these tools so no reason to have thousands of requests hitting our server every day. 

 

 

 

(We do use security scanners but those are allowed access on a higher rule. We don't need rogue security scans by unauthorised parties).





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


Behodar
10503 posts

Uber Geek

Trusted
Lifetime subscriber

  #3342463 13-Feb-2025 11:17
Send private message

This reminds me of the iCloud Private Relay documentation, which basically says "because everyone using this is an Apple customer, you don't need to block our address ranges". As if Apple's customers are somehow better than non-Apple customers. Spoiler: they're not.


freitasm
BDFL - Memuneh
79257 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3342465 13-Feb-2025 11:19
Send private message

Behodar:

 

This reminds me of the iCloud Private Relay documentation, which basically says "because everyone using this is an Apple customer, you don't need to block our address ranges". As if Apple's customers are somehow better than non-Apple customers. Spoiler: they're not.

 

 

Microsoft Azure, AWS and GCP are used by corporates. And look at the amount of crap coming out of their networks...





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


freitasm
BDFL - Memuneh
79257 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3342468 13-Feb-2025 11:25
Send private message

This is the last 24 hours of blocking and challenging. Very quiet - there are days we block millions of requests.

 

 

These are the top blocked ASN in the same period:

 

 

The top ASN in this list is 136557. For some reason or another one of their clients scan Geekzone constantly, requesting the same URL over and over, 24/7 for years. No reason at all. They even keep requesting 404 pages. And yes, .css and .ico are cached at edge, so lucky these don't hit the server:

 

 

In my view, "corporate" networks are the ones that get more scrutiny than residential IPs. Yes, I know residential IPs can be hijacked, but the scale here...

 

 

 

 





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


BlakJak
1275 posts

Uber Geek

Trusted

  #3342472 13-Feb-2025 11:47
Send private message

.. except the ZScaler NZ exit node is in Auckland, 147.161.216.0 appears on the Auckland IX from AS53813 which appears to be ZScaler's own ASN

 

I don't know if the ZScaler terms of use allow for bot-scraping, and i'm sure it's possible that service providers / datacentres with whom ZScaler has hosting and transit arrangements may also be hosting other customers with less scruples, but the ZScaler Internet Access (ZIA) service that's their product leader is something that runs resident on a corporate client desktop, not a bot or scraper.

 

Appreciate you opening the doors for us though!





No signature to see here, move along...

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.