Cloudflare blocking Xenforo messages containing "cmd.exe"

rconn · May 3, 2023, 3:49pm

I have an app named “tcmd.exe”; when including that name or a link to my website to download the file, I get an “Oops!” popup trying to post the message.

I assume this is a security check for “cmd.exe”, but it’s making it really difficult for me (or my users) to post messages. XenForo says that Cloudflare is blocking the messages; the browser console seems to confirm this.

I can’t find the appropriate Cloudflare ruleset to block.

dmartin1 · May 4, 2023, 9:46pm

You should be able to search by rayID in your security events to see the ruleID that is blocking these requests.

You can then search by that rule ID in the ruleset section of your WAF.

This is more than likely a Command Injection WAF rule.

system · May 19, 2023, 9:47pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.