Cloudflare Firewall is also blocking its own request?

Cloudflare ASN is 13335 right?
I can see a lot of this IP request being filtered by my own firewall rule set.

Sample last 24 hours:

Should I create another Firewall Rule set to specifically allow ASN 13335?

Hi @nadlerz.90,

Depending on how your rule is configured, it can block requests originating from the Cloudflare network.

This FAQ from Developers Hub may clarify possible doubts:

Have you tried setting it up to not act on known bots?

I’m personally curious what the User Agent strings of these blocked requests are. If it’s not a problem for you to tell me, I’d appreciate it.

It was filtered by this expression:
(ip.geoip.country in {"CN" "RU" "UA" "FR" "GE" "AR" "SE" "NL" "DE" "IT"})

I’m not sure what you mean here.

Just from 1 log:

User agent
Mozilla/5.0 (Linux; Android 7.0; Redmi Note 4X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.116 Mobile Safari/537.36

As far as ignoring known bots is concerned, the example below illustrates your current rule with the addition of this capability:

Expression:

(ip.geoip.country in {"CN" "RU" "UA" "FR" "GE" "AR" "SE" "NL" "DE" "IT"} and not cf.client.bot)

Anyway, I don’t think my suggestion would make sense in the face of what you’ve just exposed.


I was expecting to see some User Agent related to Cloudflare’s own features, like Always Online, for example. This, however, refers to that of a smartphone and, therefore, I don’t know situations where requests like this could be originated from Cloudflare network.


I really appreciate you sharing, but unfortunately, my guesses have run out for now.

Hope some other user can help to clarify it. I will keep an eye on this topic.

This topic was automatically closed after 30 days. New replies are no longer allowed.