Analytics accuracy
I tried a XSS attack on my website, and cloudflare blocked them correctly, but nothing was shown on analytics/security in the dashboard... why not?
12 Replies
You got a block page? I would previous 30 minutes on the firewall events page and give it a few minutes. It can sometimes be a bit slow/behind, but should eventually show them
yeah...
oh alright, will keep you updated
how much do you think it will take? (usually takes)
usually only 1-2 mins behind yea
try selecting previous 30 minutes instead of 24 hours too, I think there's cache or something, seems to be faster on last 30 mins
well, it has been longer than that :/
yeah, but it keeps selecting previous 6 hours even if I ask for the last 30 mins
WAIT, it just appeared
took it long enough honestly... thank you guys
Like it really took time, I was patient lol
possible it was delayed by a bit longer then usual, as far as i know the setup is something like each server holds those events for a bit, and then pushes them to core, which goes into a kafka queue and finally gets ingested in clickhouse and show to you/what those analytics pull from, so a few layers involved
mhm, thanks for the help
weird how it marks XSS as unclassified
I feel like it should be categorised right? like XSS can definitely ruin somebody's day
hmm, where does it say unclassified?
analytics/security
in the pie chart
- How do you know so much about cloudflare
- How do I see types of attacks?
tbh I forgot that analytics tab existed
"Unclassified threats comprises a number of automatic blocks that are not related to the Browser Integrity Challenge (Bad Browser). These threats usually relate to Hotlink Protection, and other actions that happen on Cloudflare’s global network based on the composition of the request (and not its content)."
If you're on Pro or higher you get really nice analytics on the events page
and then you can filter by the actual rules too
good stuff...
Alright thanks
mhm ok