I have a Firewall Rule:
(ip.geoip.country in {“US” “IE” “LU” “MZ” “DE” “PL” “BE” “FR” “CA” “JP” “SC” “NL” “BG” “RO” “SK” “FI” “LV” “LT” “AL” “AT” “RS” “SE” “IT”} and not cf.client.bot)
Then…
Choose an action
Challenge (Captcha)
So my hope is that means all traffic from those countries is challenged and good bots go unchallenged.
But when I look at stats it says:
CSR 0% Issued 0 Solved 0
Activity is 255
So does that mean everything is working okay or that I haven’t set it up properly?
Did you mean 255 Firewall events which were challenged?
I think so - it says activity 255 but I’m nit sure if that means challenged (is uissued and challenged different?)
My suggestion may sound useless but, can you try refresh the browser page?
Never useless to refresh browser 
Now says 1.6k but still 0 issued 0 solved.
Can you confirm that the “JS challenge” shown in Firewall Events were really coming from the firewall rules that you created?
You can scroll down a bit under the Firewall Events page and see what triggered JS challenge.
Looks like it. For example:
14 Jun, 2021 15:57:26
Managed Challenge
United States
3.238.194.248
Firewall rules
When you expand this activity log, you should see the name of the Firewall Rule that triggered the challenge. Is it the same as the name of the rule that you created?
Yes it does.
I’ve also noticed that when traffic does come to my site from countries challenged by this rule, code is added to the url so I am assuming they do answer the challenge:
I’m just confused by the CSR 0% Issued 0 Solved 0 (could it be those stats aren’t available to all accounts?)
It now says 10.68k, but very little of that actually gets through which is excellent. I use CleanTalk to block spammers using forms on my site. The number of messages blocked is now a fraction of what it was so spammers are definitely not answering any challenge set by Cloudflare and are no lolnger getting to my forms.
Then this should be a glitch in their system. Kindly contact Cloudflare Support to investigate the UI glitch.
To contact Cloudflare Customer Support, login & go to https://dash.cloudflare.com/?account=support and select get more help. If you receive an automatic response that does not help resolve your issue, reply and indicate that you still require assistance. And, please share your ticket number here so that we can track it.
Thanks for spending so much of your time helping me. I will contact Cloudflare as suggested.
I created a challenge for visitors from a country under Firewall Rules. When checking the statistics under Firewall Rules is see 0 % as the number of visitors that managed the challenge.
However, when going to the Firewalll Overview tab, I noticed many instanced of so-called ‘Managed Challenge’. What could be the reason for this discrepancy ? The country I am ‘challenging’ has a lot of visitors that try to download content from my site. Maybe they are using some ‘trick’.
Hi @gv1,
Does your issue look similar to this one?
If so, I can merge the two threads and escalate it for someone from Cloudflare to look at.
Yes, that is how it looks
Greetings.
@brandwise and @gv1 I have merged your threads, since they seem to be the same issue, and I have escalated it for someone from Cloudflare Support to get back to you here.
This is Zein from the Cloudflare Support team.
We recently introduced a new change for free zones. If you are a free customer, any Firewall Rules set to Challenge (Captcha) have become intelligent Managed Challenges . These Managed Challenges help reduce the lifetimes of human time spent solving Captchas across the Internet.
Currently, we don’t calculate the CSR for Managed Challenge action. For more details on how the Managed Challenge action and the CSR works, please check the articles below:
I also raised an internal ticket to get our documentation (About Cloudflare Firewall Rules · Cloudflare Firewall Rules docs) updated. If you want to see the CSR working, I’d recommend you change the action in your Firewall to JS challenge instead of Captcha.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.
The CSR Bug was fixed for Managed Challenge.