Bot Fight Mode blocks Microsoft Defender

(best I can tell)

Standard non development setting on Cloudflare, if I flush cache on CMS, and then refresh the browser, several bad things happen (one, my drop down menus don’t work).
The IP is Microsoft Defender network; the ?x-wblr-cw-cdn-bpass-id is added to whatever they do.

- - [14/Apr/2023:16:05:45 -0400] "GET /services/?x-wblr-cw-cdn-bpass-id=D5B901F7-0271-415B-ACAF-D7AEB2F9B9BD HTTP/2.0" 200 29741 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36"

This Cloudflare setting causes the problem:
in WAF, add ‘field’ known bots or threat score > 0.
(Known bots doesn’t seem to cause the issue, it’s ‘threat score’.)
PS, Cloudflare support: you can’t change it from managed challenge to log, so I can’t see what it is doing.

Seems that might not be the problem. I disabled both modes and flushed cache, again and again, both on CF and on the CMS. The only thing that works is to enable development mode.

Actually, the problem is bigger than that. I have to use ‘developer mode’ or pause Cloudflare to have menus work.

And I did the page rule to disable all cache, so it’s not cache.

Were you able to get this working @michael119?

Not completely.

#1: bot mode is bad if you have a public site (it blocks indexing, blocks Google, Bing, everyone)

#2: it was the ‘minifying’ of CSS for me.

#3: still not right. Without CF, site is HTTP2.0, with CF, 1.1 and CF disables the accessibility features (somehow). But disabling minify on CSS helped.

(hint: pause CF, clear all cache, from everything, open a private browser, browse, save the source somewhere.)

Turn it all back on and look, see what is missing, maybe you can do a page rule.

(But if someone knows why it’s blocking HTTP2.0 on only ONE of two sites, tell me.)
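
An added example, not code from any poster in this thread: a small Python script that scans an origin access log in combined format for requests carrying the `x-wblr-cw-cdn-bpass-id` query parameter shown in the first post, and groups them by client IP with the protocols and status codes seen. The sample log lines, IP addresses and ids are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

PARAM = "x-wblr-cw-cdn-bpass-id"  # query parameter named in the thread

# Combined log format: ip ident user [time] "request" status bytes "referer" "ua"
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Constructed sample lines (documentation IPs, made-up ids); not from the thread.
SAMPLE_LOG = """\
192.0.2.10 - - [14/Apr/2023:16:05:45 -0400] "GET /services/?x-wblr-cw-cdn-bpass-id=00000000-0000-0000-0000-000000000001 HTTP/2.0" 200 29741 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"
192.0.2.10 - - [14/Apr/2023:16:05:47 -0400] "GET /contact/?X-WBLR-CW-CDN-BPASS-ID=00000000-0000-0000-0000-000000000002 HTTP/1.1" 403 512 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"
198.51.100.7 - - [14/Apr/2023:16:06:01 -0400] "GET /services/ HTTP/2.0" 200 29741 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.5 - - [14/Apr/2023:16:06:09 -0400] "GET /about/?page=2&x-wblr-cw-cdn-bpass-id=00000000-0000-0000-0000-000000000003 HTTP/1.1" 200 1840 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"
this line is truncated and should be skipped
"""

def tagged_requests(log_text):
    """Yield parsed fields for requests whose query string carries PARAM."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed or truncated line
        query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        if any(k.lower() == PARAM for k in query):  # match the name case-insensitively
            yield m.groupdict()

def summarize(log_text):
    """Per client IP: paths requested, protocols and status codes seen."""
    out = defaultdict(lambda: {"paths": [], "protocols": set(), "statuses": set()})
    for r in tagged_requests(log_text):
        entry = out[r["ip"]]
        entry["paths"].append(urlsplit(r["target"]).path)
        entry["protocols"].add(r["proto"])
        entry["statuses"].add(int(r["status"]))
    return dict(out)

if __name__ == "__main__":
    for ip, info in summarize(SAMPLE_LOG).items():
        print(ip, len(info["paths"]), sorted(info["protocols"]), sorted(info["statuses"]))
```
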

