Can't save changes on wordpress site due to Cloudflare OWASP Core Ruleset

I’m trying to make some changes on my site since upgrading to the Cloudflare pro plan but i can see in the WAF event history that the path /wp-admin/admin-ajax.php is being blocked by the managed ruleset “Cloudflare OWASP Core Ruleset”.

If i disable this ruleset i can successfully save changes on the site.

I tried reducing he anomaly score & the paranoia level to the minimum but i still get the same issue of being unable to save changes on the site.

How can i fix this? What rule must i add?

1 Like

May I ask what priority you’ve got selected? :thinking:

Ou, a bit strange out there. I don’t have any issues on multiple paid zones using WP.

May I ask if the request come from your origin host/server, or rather you as the “user/admin”? :thinking:

Not sure why it happens, however just in case, since it’s related to the WordPress, I’d suggest you to whitelist your origin host / server / hosting IP address by navigating to the Security → WAF → Tools → IP Access Rules with the action “allow” for your Website and try again.

It knows to happen due to the WordPress using HTTP/1.0 and empty user-agent, therefore while executing WP-Cron or some other related JSON/REST API request via plugin which triggers the WAF rules (as it should normally).

The other way would be to Override the specific rule.

Kindly, may I ask you to share the rule ID or Ruleset ID here with us? :thinking:

Hi fritex, thanks for your reply!

The priority is second under the Cloudflare managed ruleset, this was the default setting.

The request is coming from my ip as the user/admin.

I have set the ip access rule as per your suggestion but still having the same issue.

The details are below if you can provide any further insights or suggestions?

** Service*

Managed rules

** Action taken*

Managed Challenge

** * Ruleset*

Cloudflare OWASP Core Ruleset


    • Rule*

949110: Inbound Anomaly Score Exceeded

** OWASP score*


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.