Do you have a productive way to use the Cloudflare action Challenge for a Firewall Rule? For example, have you any good experience with a Firewall Rule that looks for “MSIE 9.0” in the User Agent string and then issuing a Challenge (i.e. reCaptcha)? What use have you found that takes advantage of the Cloudflare action “Challenge”?
I’ve gradually implemented Challenge instead of Block in my firewall rules and in many rules I now have Challenge as the action. And they’ve been working quite well. Invisibly to humans, but not to bots, the Challenge returns a 403 error before loading the page with the Captcha. Most bots are caught right there. In my view, Challenge lets you be more comprehensive in your rules without alienating real users you might inadvertently catch in the process.
This topic was automatically closed after 31 days. New replies are no longer allowed.