Having issues whitelisting a server in WAF
Heyo. My setup for the situation is, I have one server running Sentry behind a tunnel, and another one that is trying to report to the endpoint and is getting flagged for "Bot Fight Mode" with a Managed Challenge. I tried creating a WAF rule to skip All Super Bot Fight Mode Rules for my servers, but it does not seem to be working. The requests are still getting flagged. I've attached the screenshot of the rule. Anyone got any clue of what might be the issue?
3 Replies
If your zone is free, you are using Bot Fight Mode, which is not skippable by anything; your only option is to disable it.
Pro or higher have Super Bot Fight Mode, which is skippable.
CF recommends only enabling Bot Fight Mode when under attack: https://developers.cloudflare.com/bots/troubleshooting/#what-should-i-do-if-i-am-getting-false-positives-caused-by-bot-fight-mode-bfm-or-super-bot-fight-mode-sbfm
BFM and SBFM are high security features intended to quickly help customers under active attack stop as many bots as possible. Due to the high security threshold, false positives do sometimes happen. BFM has limited control. You cannot bypass or skip BFM using the Skip action in WAF custom rules or using Page Rules. BFM will be disabled if there are any IP Access rules present. If you turned on BFM during an attack, and the attack has subsided, we recommend either disabling the feature using IP Access rules to bypass BFM, or looking at Bot Management for Enterprise, which gives you the ability to precisely customize your security threshold and create exception rules as needed.
Okay fair enough
Thanks!