For over a year now (April 2023), the members of FDN (French Data Network), a non-profit organization and France’s oldest ISP still in business, have been unable to access Engie’s websites (Engie is a major utility company in France). Technically speaking, visitors are prompted with an “HTTP 403 Forbidden” error served by Amazon CloudFront’s web server instead of the expected website’s content.

Following numerous reports of access failures by a large number of users, FDN’s technical support team has identified that an IPv4 subnet of the FDN and Gitoyen networks (80.67.160.0/19) is present in the filter rule “AWS-AWSManagedRulesAnonymousIpList” provided by Amazon Web Services (AWS) to its clients (including Engie).

FDN has contacted Amazon Web Services (CloudFront) and Engie, but received no response.

FDN and Gitoyen users are also denied access to other web sites (see list below), however these blocks do not appear to be related to AWS. FDN’s technical support team is still investigating the issues.

Recently, YouTube has been considering FDN visitors as robots and refuse to serve videos, displaying the following message instead :

“Sign in to confirm you’re not a bot. This helps protect our community.”

We do not understand why our networks are blocked or filtered and ask:

• Amazon Web Services to remove FDN and Gitoyen networks from the AWS-AWSManagedRules AnonymousIpList filtering group.
• Engie to unblock access to their websites by adding an exception rule for the IPv4 address range « 80.67.160.0/19 » in the WAF (Web Application Firewall) tool provided by AWS.
• YouTube not to force user authentication from FDN and Gitoyen networks, we’re not robots!

We also ask our members who would be customers or users of these services to report these situations back to the customer services of these various sites, asking their technical services to contact our technical support team on our e-mail: support (a) fdn.fr

List of known web sites blocking access to FDN users:

• https://gas-tariffif-reglemente.fr, https://particuliers.engie.fr, https://gazpasserelle.engie.fr
  • blocked by AWS
  • the blocking seems to concern the entire Gitoyen 80.67.160.0/19 network.
• https://www.reddit.com
  • blocked by the application
  • unknown criteria
  • apparently the geolocation of IPv6 addresses seems to be problematic (IPv4 connections work)
  • forces us to have an account
• https://clients.boursobank.com/connexion/ (after connection but unidentified blocking system)
  • blocked by the application
  • unknown criteria
• https://www.disneyplus.com/identity/login
  • blocked by the application
  • unknown criteria, but the error (in the javascript console) mentions a location.
  • the IPv6 addresses seems to be problematic (IPv4 connections only are functional)
• https://play.max.com
  • “Unfortunately, we don’t support VPNs in the Max app. Try to disable your VPN. For more information, see help.max.com »
  • unknown criteria
• https://www.youtube.com
  • blocked by the application
  • unknown criteria
  • FDN’s IPv6 network is also blocked
  • forces us to have an account

Despite our best efforts, we have not been able to get in touch with the support teams of these websites.

Do not hesitate to redistribute this article on a massive scale so that these nuisances stop as soon as possible!