All good bots request flooding my firewall events as whitelisted


#1

anyone else notice it?

the only rule I have about them is what cloudflare recommended as “allow known bot” but I added it long time ago, only recently its started flooding my event logs


#2

Same with my website. Impossible to check the Firewall Events log, as the whitelisted bots (Uptime Robot, Googlebot etc) take screen after screen on the report.


#3

I contact the support this is the answer I got:

Hi there,

Thank you for contacting Cloudflare Support. I am sorry to hear that you are experiencing some difficulties here.

Indeed we have recently started logging Allowed firewall events.

At the moment we do not have plans to change this behavior. We are working in implementing a more powerful filtering service, but there is no ETA for this release.

I will pass your feedback to our product team concerning the fact that the Allowed logging is hiding real Firewall events.

Please let me know if you have any further questions and we will be happy to assist.

Kind regards,


#4

Thank you, @boynet2, for posting their answer here.

I’m afraid that we’re going to have to wait quite a while before the Firewall Events get back to being a useful tool.

But the “powerful filtering service” their answer is talking about is really something that CF needs to offer. The Firewall Events log was nice to look at, but not as useful as a good filtering solution can be. Right now, it’s very hard to figure out which one of your Firewall Rules or User-Agent Blocking rules are actually being employed.