Easy WAF Data

This repository provides data used by the Web Application Firewall EasyWAF.

A whitelist of IP address ranges of search engine crawlers and crawlers of other big platforms is scraped every 12 hours by a GitHub Action and stored in this repository. This list is used by the "Fake Crawlers" module of Easy WAF to block fake crawlers. For more information about the WAF visit the EasyWAF repository.

The authenticity of most crawlers can be determined with a reverse DNS lookup, but an additional IP whitelist increases performance. In addition, the authenticity of some crawlers, such as the Facebook crawler, can only be determined by the IP.

But why is the IP range list not created locally by EasyWAF itself? The main reason is that the download of the BGP Routing Table Analysis takes some time, especially with poor internet connections. This effect would be amplified if an application is started multiple times in parallel, for example with Node.js cluster mode. In addition, it is possible to react more quickly to changes in the data sources used without having to update EasyWAF.

Why is this not a security issue? The data is only used for the whitelist of the Fake Crawler module, so adding malicious IPs does not allow WAF bypassing from those IP addresses. A disruption or failure of this data source would currently only cause problems with Facebook crawlers and somewhat reduce the performance of EasyWAF.

Data sources

Google

Documentation: Check Googlebot and other Google crawlers
Direct link to JSON: Google IP ranges

Bing

Direct link to JSON: Bing IP ranges

Facebook

Documentation: Facebook Crawler
IP ranges are scraped from BGP Routing Table Analysis

Twitter

Documentation: Twitterbot
IP ranges are scraped from BGP Routing Table Analysis

DuckDuckGo

Documentation: Is DuckDuckBot related to DuckDuckGo?

Pinterest

Documentation: Pinterest Crawlers

BGP Routing Table Analysis

Website: BGP Routing Table Analysis
Direct link to IPv4 ranges: IPv4 Prefixes
Direct link to IPv6 ranges: IPv6 Prefixes

Contact

If a public GitHub issue or discussion is not the right choice for your concern, you can contact me directly:

E-Mail: info@timokoessler.de
My Website: timokoessler.de

Name		Name	Last commit message	Last commit date
Latest commit History 333 Commits
.github/workflows		.github/workflows
.vscode		.vscode
data/crawler-ips		data/crawler-ips
src		src
.gitignore		.gitignore
.prettierignore		.prettierignore
.prettierrc.mjs		.prettierrc.mjs
LICENSE		LICENSE
README.md		README.md
SECURITY.md		SECURITY.md
package-lock.json		package-lock.json
package.json		package.json
tsconfig.json		tsconfig.json
tsup.config.ts		tsup.config.ts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Easy WAF Data

Data sources

Google

Bing

Facebook

Twitter

DuckDuckGo

Pinterest

BGP Routing Table Analysis

Contact

About

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Easy WAF Data

Data sources

Google

Bing

Facebook

Twitter

DuckDuckGo

Pinterest

BGP Routing Table Analysis

Contact

About

Topics

Resources

License

Security policy

Uh oh!

Stars

Watchers

Forks

Uh oh!

Contributors

Uh oh!

Languages