I have a domain on the Pro plan along with Super Bot Fight Mode enabled.
I am trying to perform a security scan, Acunetix to be precise.
I would like to bypass Bot Fight Mode and all of Cloudflare’s security to ensure that Acunetix’s IP (self-hosted agent, so I know its public IP) can scan my website thoroughly. From this documentation, using ‘Allow’ action for Firewall Rules does not exempt it from being evaluated by WAF so I guess it might bypass the Bot Fight Mode only.
Any recommendation is appreciated. Thanks.