I have a domain on the Pro plan along with Super Bot Fight Mode enabled.

I am trying to perform a security scan, Acunetix to be precise.

I would like to bypass Bot Fight Mode and all of Cloudflare’s security to ensure that Acunetix’s IP (self-hosted agent, so I know its public IP) can scan my website thoroughly. From this documentation, using ‘Allow’ action for Firewall Rules does not exempt it from being evaluated by WAF so I guess it might bypass the Bot Fight Mode only.

Any recommendation is appreciated. Thanks.

https://dash.cloudflare.com/?to=/:account/:zone/firewall/tools should allow you to do just that.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.