Are these requests actually sent by Cloudflare? They have been blocked by custom rules

These requests appear to be certificate verification requests from Cloudflare, but they are being blocked by the custom rules I have set. Should I allow them?

The IP range (e.g. 2606:4700:1101::/52) and AS number have previously been used for something by Cloudflare, e.g. here:

Just curious though, did you add “Known Bots” to be able to skip these firewall rules?

For anyone to be able to create certificates on your domain through that, they would need to have access to your server (or e.g. Cloudflare, as a middle man on Proxied (:orange:) records), to be able to create and serve that file, and if they are, you would be in much more severe trouble than if you’re letting everyone be able to request a file on your domain.

Being able to request the /.well-known/acme-challenge/spaghetti file alone doesn’t mean that you are able to create or adjust it in any way, nor that you would retrieve the “spaghetti” token on the current domain control validation request.

As such, restricting access to be able to request files in e.g. /.well-known/acme-challenge/ may not make that much sense after all.
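Added example, not part of the original thread: a sketch of why read access to the challenge path is not sensitive, using the HTTP-01 key authorization from RFC 8555 section 8.1 and the JWK thumbprint from RFC 7638. The two account keys and the "spaghetti" token are constructed placeholders, and `validation_passes` is a hypothetical stand-in for the CA's comparison.

```python
import base64
import hashlib
import json

# Members that enter the RFC 7638 thumbprint, per key type.
REQUIRED = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}

# Constructed account keys (placeholder coordinates, not real curve points).
OWNER_KEY = {"kty": "EC", "crv": "P-256",
             "x": "b3duZXIteC1jb25zdHJ1Y3RlZA", "y": "b3duZXIteS1jb25zdHJ1Y3RlZA"}
OTHER_KEY = {"kty": "EC", "crv": "P-256",
             "x": "b3RoZXIteC1jb25zdHJ1Y3RlZA", "y": "b3RoZXIteS1jb25zdHJ1Y3RlZA"}


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638: SHA-256 over the required members, sorted, no whitespace."""
    members = {k: jwk[k] for k in REQUIRED[jwk["kty"]]}
    canonical = json.dumps(members, sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def key_authorization(token: str, account_jwk: dict) -> str:
    """RFC 8555 section 8.1: token || '.' || thumbprint of the account key."""
    return f"{token}.{jwk_thumbprint(account_jwk)}"


def validation_passes(served_body: str, token: str, account_jwk: dict) -> bool:
    """Hypothetical CA-side check after fetching /.well-known/acme-challenge/<token>."""
    return served_body.strip() == key_authorization(token, account_jwk)


if __name__ == "__main__":
    # The file the domain owner's ACME client wrote; anyone may read it.
    body = key_authorization("spaghetti", OWNER_KEY)
    print("owner's order validates:     ", validation_passes(body, "spaghetti", OWNER_KEY))
    # A third party who fetched the file has a different account key, and the
    # CA issues a fresh token per order, so the copied body matches neither.
    print("same token, other account:   ", validation_passes(body, "spaghetti", OTHER_KEY))
    print("fresh token, owner's account:", validation_passes(body, "fresh-token", OWNER_KEY))
```
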

