I have been constantly receiving the message “Blocked because of IPS attack”.
We performed some tests with the tool creating some page rules and we could verify that the error was not presented with a rule created the “cache level: bypass”.
If this rule is changed to “cache level: cache everything” the error message is displayed.
As you can see in the attachments the header of both requests are from Cloudflare.
We performed some tests by changing the IP of the computer hosts to the direct IP of our server structure and the message is not displayed .
Remembering that this message is displayed for specific users, not all users are given the error in question.
Has anyone had the same problem?