Excluding API Endpoints from anti Bot feature
Hey
I recently enabled the Proxied feature for my Web Server in the DNS Settings. My problem is that now API Endpoints that get sent from a script get blocked by some kind of anti Bot feature and return the Status Code 403. It was working fine when i had it on DNS only. Now i am wondering if it's possible to exclude or bypass this anti Bot feature for API Endpoints? All API Endpoints start with: <domain>/api/example-endpoint.
1 Reply
WAF custom rule with Skip action is the way.
https://developers.cloudflare.com/waf/custom-rules/skip/
Cloudflare Docs
Configure a rule with the Skip action | Cloudflare Web Application ...
Use the Skip action in a custom rule to skip one or more security features. A rule configured with the Skip action is also known as a skip rule.