Hi all

I just upgraded to a Pro plan for the WAF (to protect a Gitlab CE instance). However Gitlab keeps triggering the 949110: Inbound Anomaly Score Exceeded Owasp rule.

I can’t exclude specific IPs because this will be a publicly accessible site. Is there a way to “train” the WAF or bypass specific rules or URIs? According to https://developers.cloudflare.com/firewall/cf-firewall-rules/actions/ it might not possible:

• You cannot bypass the new Cloudflare WAF, only its previous version.

But maybe I’ve missed something. I don’t want to disable the entire managed ruleset- that would defeat the purpose of paying for the WAF in the first place.

Thanks!

You’d add a Skip, very much like configuring a Firewall Bypass:

https://developers.cloudflare.com/waf/managed-rulesets/waf-exceptions/define-dashboard/

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.