diff --git a/data/config.php b/data/config.php
index 5c704ae..4de9992 100644
--- a/data/config.php
+++ b/data/config.php
@@ -40,6 +40,19 @@ class config{
 		//["fumo_plushies", 1006],
 		//["minecraft", 848]
 	];
+
+	// the following refer to ASN whitelisting
+	//  if you enable ASN whitelisting, no other bot protection will be used
+	// this doesn't work if you put it behind cloudflare
+	const ASN_WHITELIST = 0;
+	// the ASNs that should be allowed
+	const ASN_WHITELIST_LIST = [
+		//example:
+		//["1337"]
+	];
+	// the whois server to hit up
+	const WHOIS_SERVER = "whois.cymru.com";
+	const WHOIS_PORT = 43;
 	
 	// If this regex expression matches on the user agent, it blocks the request
 	// Not useful at all against a targetted attack
diff --git a/lib/asn.php b/lib/asn.php
new file mode 100644
index 0000000..5bfa492
--- /dev/null
+++ b/lib/asn.php
@@ -0,0 +1,35 @@
+<?php
+function check_asn($ip, $asns, $whois_server, $port){
+    $data = $ip . "\n";
+    
+    $socket = stream_socket_client("tcp://$whois_server:$port", $errno, $errstr);
+    
+    if (!$socket){
+        echo "yo shits fucked cant hit up the whois serber: $errstr ($errno)\n";
+        exit();
+    }
+    
+    fwrite($socket, $data);
+    
+    $response = "";
+    while (!feof($socket)){
+        $response .= fgets($socket, 128);
+    }
+    
+    fclose($socket);
+    
+    $response = explode("\n", $response);
+    if (count($response) < 2){
+        echo "sup facilities exploded no response for ip: $errstr ($errno)\n";
+        die();
+    }
+    $response = explode(" | ", $response[1]);
+
+    foreach ($asns as $asn){
+        if ($asn == $response[0]){
+            return true;
+        }
+    }
+    return false;
+}
+?>
diff --git a/lib/bot_protection.php b/lib/bot_protection.php
index e3d51a8..fec212d 100644
--- a/lib/bot_protection.php
+++ b/lib/bot_protection.php
@@ -1,20 +1,36 @@
 <?php
+include "lib/asn.php";
 
 class bot_protection{
 	
 	public function __construct($frontend, $get, $filters, $page, $output){
 		
+		// check if we're operating on an ASN whitelist
+		if (config::ASN_WHITELIST == 1){
+			$response = check_asn($_SERVER["REMOTE_ADDR"], config::ASN_WHITELIST_LIST, config::WHOIS_SERVER, config::WHOIS_PORT);
+			if (!$response){
+				http_response_code(401);
+				echo json_encode([
+					"status" => "the ASN whitelist is enabled, and you ain't on it."
+				]);
+				die();
+			}
+			else{
+				apcu_inc("real_requests");
+				if($output === true){
+					$frontend->loadheader(
+						$get,
+						$filters,
+						$page
+					);
+				}
+			}
+			return;
+		}
 		// check if we want captcha
 		if(config::BOT_PROTECTION !== 1){
 			
-			apcu_inc("real_requests");
-			if($output === true){
-				$frontend->loadheader(
-					$get,
-					$filters,
-					$page
-				);
-			}
+
 			return;
 		}