Always allow a particular domain

Hi, is it possible to always allow requests to a particular domain, and to exempt it from JS captchas set in the IP firewall for certain IP addresses at the account level?

What did you set that’s adding JS Challenge or CAPTCHA to that domain? If you did it in Firewall Tools, then have you tried adding another IP Access Rule(s) to Allow those certain addresses?

You could also try adding the Allow as a Firewall Rule, but I’m not sure that will override the IP Access Rule.

JS Captchas are constantly being added & removed for certain IPs using the API.
We’ve tried using the “bypass to waf” for the domain in the Firewall Rules, but the request still passes through captcha.

Are you saying that you’re making API calls to automatically add Challenge for IP addresses you really don’t want challenged?

The challenge is used at the account level covering all domains. Some of those domains are for assets (js, css, images etc), and they are separate domains, not 3rd level domains within the website domain, therefore captcha can’t be solved for them, website ends up showing without images etc.

Ok, I’ve worked around the problem by blocking at the zone ID level, not at the whole account level.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.