Blog

    Introducing Bunny Shield access lists: Let the good traffic hop through

    Posted by:
    Joe Connolly

    Joe Connolly

    Arseniy Zlobintsev

    Arseniy Zlobintsev

    Wall clock

    July 24, 2025

    The modern internet is noisy.

    There’s real traffic flowing from real users, but behind it? A constant background hum of scanners, spammers, scrapers, login attempts, and anonymized botnets hopping across the globe faster than any deny list can keep up.

    Static ACLs, legacy firewalls, and one-size-fits-all blocks aren’t enough anymore. Threats move. They rotate IPs, spin up new proxies, and blend into real-looking requests across hundreds of providers.

    We needed a way to fight back with control, precision, and speed. So we built Access Lists.

    Access Lists let you allow, block, challenge, or log traffic based on IP addresses (IPs), IP ranges (CIDRs), autonomous systems (ASNs), or entire countries. They’re available on every Bunny Shield plan, with curated threat lists unlocked at the Advanced, Business, and Enterprise tiers. All rules are enforced instantly at the edge, without adding complexity or latency.

    Why we built this

    Blocking traffic used to be simple. One IP, one rule. But the internet doesn’t work like that anymore.

    Modern threats are more distributed, more evasive, and more persistent than ever. Proxy farms and botnets scale across continents. An ASN that’s clean today might be a credential-stuffing nightmare by tomorrow. IPs that look clean in logs one day can be part of a spam ring the next.

    You need more than a static blocklist. You need protection that evolves as fast as the threats do.

    Access Lists help you stay one step ahead by combining real-time threat intelligence with the flexibility to define your own rules.

    Curated threat lists

    We maintain a growing library of curated threat lists, built from widely respected threat intel sources and automatically synced across our network.

    Each list is reviewed, updated multiple times daily, and deployed instantly across the Bunny Shield edge. That way, you're not relying on yesterday’s data to make today’s decisions.

    No scripts. No cron jobs. No maintenance.

    Just one click, and the edge takes care of the rest.

    Advanced Plan:

    • Known VPNs
    • Common datacenters
    • Tor exit nodes
    • NetMountains
    • FireHOL Level 1
    • AbuseIPDB

    Business Plan:
    Includes everything in our Advanced Plan, plus 8 additional threat feeds:

    • FireHOL Level 2
    • IPSum
    • Blocklist DE
    • ThreatFox
    • Emerging threats
    • BotScout
    • StopForumSpam
    • SpamHaus DROP

    Enterprise Plan:
    Includes everything in the Advanced and Business Plans, with support for customizable feed integrations allowing that expand threat coverage tailored to your infrastructure and scale requirements.

    These feeds help defend against large-scale abuse, automated scanners, and proxy-driven attacks without any manual upkeep. It’s real-time reputation, baked into your security posture.

    Custom Access Lists

    Sometimes you need more control over who can access your service.

    Custom Access Lists let you define your own IPs, CIDRs, ASNs, or countries and choose exactly how to handle them. You can block, challenge, allow, or simply log the traffic. Whatever fits your needs.

    Want to allow a specific ASN for your infrastructure? Block a range targeting your login page? Challenge traffic from a high-risk region during a launch? You can do all of that. No scripts required.

    Every plan includes access to custom lists, with limits that scale as you grow. Even the Basic Plan gets a taste of the control.

    You can create and manage your own lists, label them clearly, and apply them in just a few clicks. Updates go live globally within seconds, giving you lightweight, real-time control that scales with your needs.

    It’s access control, your way.

    Hop to block instantly

    Like everything in Bunny Shield, Access Lists are enforced directly within our global request pipeline, before requests ever reach your origin.

    There’s no rerouting, no lag, and no waiting for backend decisions. Whether you’re blocking a datacenter ASN or allowing an internal tool’s IP, the rule takes effect the moment the request touches the network.

    You get immediate, global protection without adding risk to your origin or latency for your users.

    Simple to start

    Getting started is easy. Just hop into your Pull Zone, head to the Shield tab, and click into Access Lists. You can start with curated threat lists or create your own custom access list in just a few clicks.

    That’s it. Your access rule goes live globally within seconds. You’re in full control of who can (and can’t) hop through.

    Let the good traffic hop through

    Access Lists are available now for all users. You can choose powerful prebuilt threat intelligence or take full control over your own rules. Either way, they’re ready when you are.

    No guesswork. No maintenance. No unnecessary complexity.

    Just real-time protection that keeps the bad traffic out and lets the good traffic hop through.

    Ready to take control?

    New to Bunny Shield or already protecting your traffic? Access Lists are ready when you are.

    Hop into your dashboard to get started or sign up and start building smarter rules today.

    Challenge what looks suspicious. Allow what you trust. Block what you don’t. It’s your edge. You make the rules. Now that’s access control you can hop behind.