I have had a Netlify hosted site (a simple angular spa app) with a custom domain and DNS managed by Netlify being blocked by two separate enterprise firewalls of different companies.
One company runs zscaler and the other using sophos. I can’t get any detail out of their security team, but they eventually safe list the domain in their systems to get over the issue.
I maybe barking up the wrong tree, but I ran searches of the IP addresses returned for the site and it does change frequently. I notice that if the IP address is pointing to AWS it is generally healthy, but some digital ocean IPs return an error eg: SRBL blacklist database - Malware Expert. In this instance suggesting the server is missing some configuration.
I understand due to the nature of the service that people can create malicious sites, which are actively taken down, but this can have an effect on the IP address being denylisted. Again, I maybe in the wrong area here.
Is the experience I had common?
Is there any best practise that I can employ to help prevent being blocked, such as having the DNS and apex domain managed by my domain name registrar?
Would there ever be the possibility of having static IPs for an app or domain, or is that unrealistic for such a service?