Cloudflare detecting our MitM

If you’re doing MITM then I guess you’re inherently proxying the traffic - it sounds more like your traffic is triggering either Managed Rules (part of Cloudflare’s WAF solution which are rulesets maintained by Cloudflare) or the websites have setup their own rules (blocking known bots, proxies, GeoIP, etc).

In any case, it’s not that the traffic is being MITM’d (as you can test with something like mitmproxy) but rather that your particular proxy is upsetting Cloudflare’s security offerings.

Unfortunately, in any case, Cloudflare won’t override a customers security rules. As you can see in it indicates that 1020 means the block is a rule that a customer has defined.

Whilst I agree that Cloudflare’s firewall is blocking you, it’s not something that they’re doing against you in particular but rather their customers (such as Selfridges) have opted to block your traffic for one reason or another.

You’d need to reach out to the websites that you’re being blocked by and provide them with the RayID/timestamps/etc to get any clarity into what specifically is blocking you since that information can only be provided to the website owner (otherwise malicious actors could find ways to get around rules if they were told what blocked them).