I’m from the Netherlands and I have a BIC triggering while I have a firewall rule applied for a managed challenge that doesn’t seem to work on a client domain https://keyboardcentrum.nl.
Expression Preview (I cloaked the IP’s)
(not ip.geoip.country in {“NL” “BE”}) or (not ip.src in {xx.1xx.1x.215 xxx.211.xx5.235 xx.xx.xx.150})
I can’t figure out why. It seems that whatever I do, the country is not working. I disabled BIC for the domain and even then it still triggers the BIC.
Are IP’s from the Netherlands flagged correctly as NL with CF and does a managed challenge incorporate a BIC by default?
There might be some confusion as to what they’re receiving - BIC is a flat-out block for bad User-Agents, not a challenge page (like the captcha or checking your browser).
Don’t forget that Firewall Rules also has an option to Bypass → BIC. You may consider putting a Bypass for those countries and IP addresses above a Managed Challenge rule.
that was the first thing I did but even with bypassing the BIC, it still shows that integrity check. Thats why I thought, has Cloudflare list the right IP ranges to NL, and within the Managed Challenge they include a BIC by default so whatever BIC I bypass from the settings has no influence.
Update: I tested “Continent is not in Europe”. This does work, however, to make it valuable I would rather have it like intended with “Country is not in NL or BE”. But like I wrote this doesn’t work since my IP, which is 100% coming from the Netherlands, is flagged as a non-Netherlands IP by Cloudflare. Even though the Log says Netherlands.