Hi
I have some of our my users that are coming via zscalers proxies. For some of them the BIC is triggering for some not.
Is there a way to understand and have more details on why the BIC is triggering.
Is the issue on the client side, or a zscaler issue or a site issue …
(Of course, I can bypass the cloudflare firewall based on the AS but this is just putting the problem under the rug. )
tx
Hi there,
The Browser Integrity check looks at the User-Agent of the request and based on the a predefined list that we maintain of User-Agents that we consider malicious we block the requests. We are limited on what we can share, because that information can be used to avoid the feature - however if you have example User-Agents that are being blocked - we can review and see it if is something we can consider improving.
Hi
thanks for the feedback.
I tracked down my issue to a REST kind of API behind one of the paths of the applications concerned. Digging into this case I found a couple of other BIC related blocking associated to API calls.
Hence does it imply that I wound need to identify “all” REST API endpoints and whitelist them in some way ?
tx
A couple of options:
You could create a Firewall Rule with ‘Bypass’ action for the specific User-Agents that you are having difficulty - so that they bypass the WAF - Firewall rules actions · Cloudflare Firewall Rules docs
If you have some clients with dedicated IP’s that query these API endpoints, you could create bypass rules for their IPs.
You can disable the BIC for your API endpoints using Page rules
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.