Bug: Cloudflare's speed test blocked by "Bot fight"-Mode

janmm14 · February 15, 2023, 2:49pm

Problem:
The security-events gets filled with bot-fight-mode events when I use Cloudflare’s own speed test.

Solution:
Create temporary internal bot-fight-exemption for the google-ip which runs the speed test or use other safe measures of identifying your own speed test so bot-fight-mode doesn’t block it.

sdayman · February 15, 2023, 5:24pm

Yep…the new Speed Test is a unique setup, and they’re working on finding a way to add it as a Known Bot.

Create temporary internal bot-fight-exemption for the google-ip which runs the speed test

Which IP address did you add?

janmm14 · February 15, 2023, 7:43pm

I meant this temporary exception would be the (obvious) solution for them to implement. We as users cannot exempt anything from bot fight mode, its active before any custom rules we could add.

sdayman · February 16, 2023, 5:12am

Ok…so…which IP address?

janmm14 · February 20, 2023, 12:08pm

Well thats something Cloudflare should know which outgoing google ip addresses they get to let them temporarily bypass their own bot fight mode. (as I said, all our rules apply only to things that bot fight mode let through)

sdayman · February 20, 2023, 2:57pm

You should also know this, since you mentioned this:

Please click on one of those events and let us know which IP address this is. That will help others who aren’t able to run the speed test because they have bot fight mode enabled.

janmm14 · February 20, 2023, 3:26pm

No this will not help, as it says on the bot fight page: Other security products cannot be used to skip “bot fight” mode.

Chaika · February 20, 2023, 4:44pm

If you only have Bot Fight Mode (free plan), any IP Access Rules present will disable it. However, if you have Super Bot Fight Mode (Pro Plan or higher), you can use IP Access Allow action rules to bypass it.

https://support.cloudflare.com/hc/en-us/articles/360035387431#5KX8t3C6SObnoWs5F6YOlU

If you’re seeing the “Other Security products cannot be used to skip BFM”, then you are on Free plan and can’t skip it yourself, over then just disabling it or upgrading.

I tested it myself a few times, looks like it picks two random IPs, one for desktop and one for mobile, and all were from the same /48

2600:1900:2000:a5::1d
2600:1900:2000:a5::17
2600:1900:2000:a4::1f
2600:1900:2000:a7::a
2600:1900:2000:a4::1c
2600:1900:2000:a7::14

Others could maybe try whitelisting the entire 2600:1900:2000::/48, at least just for the test.

system · March 7, 2023, 4:44pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.