Allowing Embedding

What is the name of the domain?

example.com

What is the issue you’re encountering

I am trying to embed a link to a blog post in my LMS

What are the steps to reproduce the issue?

Hiya

I am trying to embed a blog post in a page of my LMS which is on a different server but cloudflare blocks the request to display the post in the LMS

How can I create a rule to allow this please?

May I ask if it is a feature like an “external link preview box” or? :thinking:

Are the domains both added to your Cloudflare account and/or using Cloudflare?

You should see such requests being either challenged or blocked at the Security tab → Events. Double-check which service is triggered.

Hiya

No it’s a blog post on the main site we are trying to embed into a page on the LMS which is on another server. The main site is of course on CF not sure about the LMS. It’s Learnworlds.

Mark

So before you can create a rule to allow, you need to understand what exactly is blocking it first.

  1. Run Trace on your affected URL to output all the rules that are matching on your request. This should help you narrow down what is causing this issue and if it is a managed rule or a custom setting in your account.
  2. Search Security Events for recent requests to that URL. This should output the exact rule(s) (managed or custom) that caused this. Once you know the exact rule(s), you can either disable or skip.

Finally, if you are trying to use iframe in order to embed the content, you need to make sure CORS headers returned with a blog post allow that.