I just upgraded to a Pro plan for the WAF (to protect a Gitlab CE instance). However Gitlab keeps triggering the 949110: Inbound Anomaly Score Exceeded Owasp rule.
I can’t exclude specific IPs because this will be a publicly accessible site. Is there a way to “train” the WAF or bypass specific rules or URIs? According to https://developers.cloudflare.com/firewall/cf-firewall-rules/actions/ it might not possible:
- You cannot bypass the new Cloudflare WAF, only its previous version.
But maybe I’ve missed something. I don’t want to disable the entire managed ruleset- that would defeat the purpose of paying for the WAF in the first place.