Cool - that's for the update! Back to my own WAF tuning :rofl:
On Tue, May 13, 2025 at 3:54 PM Shlomo Solomon <[email protected]> wrote: > As expected, I got a "generic" answer from Isracard support - my IP was > blocked because of suspected attack attempts from that IP during the > war. > But since the IP belongs to an Israeli ISP, that answer is really not > very logical. > > > In any case, thanks to all who tried to help. > > > On Tue, 13 May 2025 15:42:41 +0300 > Shlomo Solomon <[email protected]> wrote: > > > You are absolutely right. > > After several hours on the Isracard Whatsapp, they asked for my public > > IP and were able to allow me access. > > Obviously I do not know why I was blocked or how they un-blocked me, > > but all is well now. > > > > I asked for an explanation of what was the cause, but I doubt that > > they will answer me. > > > > > > On Tue, 13 May 2025 15:29:24 +0300 > > Michael Tewner <[email protected]> wrote: > > > > > You're reaching CloudFlare because Isracard uses the CloudFlare CDN > > > in order to cache and secure the website. I assume they're > > > specifically using CloudFlare's Web Application Firewall service to > > > block unwanted requests at the perimeter instead of allowing > > > unwanted traffic to make it to their servers. > > > > > > As such, digital.isracard.co.il is resolving (using CNAME records) > > > to CloudFlare's service. > > > > > > Keep in mind that "ping" and "traceroute" aren't proper tests for > > > connectivity to HTTP and HTTPS services. Most platforms, including > > > CloudFlare, will block these requests (both are based on ICMP > > > packets, not TCP). A better check would be something like > > > tcptraceroute, but even those may be blocked by Web Application > > > Firewalls (WAF) for a multitude of reasons, including identifying > > > the request as a "scan" due to its low TCP TTL values. > > > > > > Anyways, the reason you're not getting through seems to be that > > > CloudFlare thinks you're a risk for some reason. > > > > > > -Mike > > > > > > > > > On Tue, May 13, 2025 at 3:16 PM Dotan Shavit <[email protected]> > > > wrote: > > > > > > > > > > > > > > > בברכה, > > > > דותן שביט, > > > > 0544-456656 > > > > > > > > > > > > On Tue, 13 May 2025 at 14:36, Shlomo Solomon > > > > <[email protected]> wrote: > > > > > > > >> nslookup verifies that you are right: > > > >> > > > >> nslookup digital.isracard.co.il > > > >> Server: 127.0.0.53 > > > >> Address: 127.0.0.53#53 > > > >> > > > >> Non-authoritative answer: > > > >> digital.isracard.co.il canonical name = > > > >> digital.isracard.co.il.cdn.cloudflare.net. Name: > > > >> digital.isracard.co.il.cdn.cloudflare.net Address: 192.118.12.104 > > > >> > > > >> > > > >> I don't see anything unusual in cat /etc/resolv.conf > > > >> nameserver 127.0.0.53 > > > >> options edns0 trust-ad > > > >> search Dlink > > > >> > > > >> > > > >> Changing the nameserver to 8.8.8.8 did not help. nslookup now > > > >> shows that 8.8.8.8 is providing the DNS: > > > >> > > > >> nslookup digital.isracard.co.il > > > >> Server: 8.8.8.8 > > > >> Address: 8.8.8.8#53 > > > >> > > > >> Non-authoritative answer: > > > >> digital.isracard.co.il canonical name = > > > >> digital.isracard.co.il.cdn.cloudflare.net. Name: > > > >> digital.isracard.co.il.cdn.cloudflare.net Address: 192.118.12.104 > > > >> > > > >> > > > >> But still no response from ping and I still cannot access the web > > > >> site. > > > >> > > > >> I also tried traceroute but the destination is not reached > > > > > > > > traceroute will show you the network components it reaches. check > > > > the last one to understand if for example you are blocked within > > > > your local network. > > > > > > > >> > > > >> > > > >> > > > >> > > > >> On Tue, 13 May 2025 14:05:54 +0300 > > > >> Gal Gur-Arie <[email protected]> wrote: > > > >> > > > >> > CloudFlare are giving a DDOS protection services for various > > > >> > hosts, including the one that you're trying to reach. > > > >> > What is the output of: > > > >> > nslookup digital.isracard.co.il > > > >> > > > > >> > What is the output of: cat /etc/resolv.conf > > > >> > ? > > > >> > maybe, try to modify the name servers just for the test to: > > > >> > nameserver 1.1.1.1 > > > >> > nameserver 8.8.8.8 > > > >> > > > > >> > > > > >> > On Tue, May 13, 2025 at 1:58 PM Shlomo Solomon > > > >> > <[email protected]> wrote: > > > >> > > > > >> > > I am not able to reach Isracard at digital.isracard.co.il. > > > >> > > The browser times out and reports ERR_CONNECTION_TIMED_OUT. > > > >> > > > > > >> > > Customer support says there is no problem. > > > >> > > https://downforeveryoneorjustme.com/ also says the site is > > > >> > > up. > > > >> > > > > > >> > > I tried ping digital.isracard.co.il and got no result. > > > >> > > Then I noticed that ping is trying to test a different > > > >> > > address. > > > >> > > > > > >> > > ping digital.isracard.co.il > > > >> > > PING digital.isracard.co.il.cdn.cloudflare.net > > > >> > > (192.118.12.104) 56(84) bytes of data. > > > >> > > > > > >> > > So why is my ping being sent to cloudflare.net and not > > > >> > > isracard.co.il? > > > >> > > > > > >> > > I should add that I do have a domain name registered at > > > >> > > cloudflare, but I don't see any reason for the strange ping > > > >> > > behaviour or the fact that I cannot reach the Isracard site. > > > >> > > > > > >> > > And I will also add that I have no problem with other web > > > >> > > sites. > > > >> > > > > > >> > > > > > >> > > > > > >> > > > > > >> > > > > > >> > > > > > >> > > > > > >> > > -- > > > >> > > Shlomo Solomon > > > >> > > http://the-solomons.net > > > >> > > Claws Mail 4.0.0 - KDE Plasma 5.24.7 - Kubuntu 22.04 > > > >> > > _______________________________________________ > > > >> > > Linux-il mailing list -- [email protected] > > > >> > > To unsubscribe send an email to [email protected] > > > >> > > > > > >> > > > >> > > > >> > > > >> -- > > > >> Shlomo Solomon > > > >> http://the-solomons.net > > > >> Claws Mail 4.0.0 - KDE Plasma 5.24.7 - Kubuntu 22.04 > > > >> _______________________________________________ > > > >> Linux-il mailing list -- [email protected] > > > >> To unsubscribe send an email to [email protected] > > > >> > > > > _______________________________________________ > > > > Linux-il mailing list -- [email protected] > > > > To unsubscribe send an email to [email protected] > > > > > > > > > > > > > > -- > Shlomo Solomon > http://the-solomons.net > Claws Mail 4.0.0 - KDE Plasma 5.24.7 - Kubuntu 22.04 >
_______________________________________________ Linux-il mailing list -- [email protected] To unsubscribe send an email to [email protected]
