Cloudflare is blocking requests with code chunks inside

What is the name of the domain?

app.codesmooth.dev

What is the error message?

Sorry, you have been blocked!

What is the issue you’re encountering

Cannot send a POST request from my admin panel

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full

What are the steps to reproduce the issue?

I have a programming elearning platform, so it’s totally fine to send code chunks in markdown in request, so I want to disable that security setting, I already created a custom rule in WAF and doesn’t help

  1. make a POST request with python -m venv in the body anywhere

Screenshot of the error

Check your security event log for the reason that the request was blocked and then make sure your WAF rule works rounds it correctly…
https://dash.cloudflare.com/?to=/:account/:zone/security/events

this is my latest log, all request coming through /admin section have status skip:

{
  "action": "skip",
  "clientASNDescription": "NETFALA",
  "clientAsn": "47790",
  "clientCountryName": "PL",
  "clientIP": "185.152.123.75",
  "clientRequestHTTPHost": "app.codesmooth.dev",
  "clientRequestHTTPMethodName": "POST",
  "clientRequestHTTPProtocol": "HTTP/3",
  "clientRequestPath": "/admin/root-folders/folder/clwaepi2j0002xx525balsgwz",
  "clientRequestQuery": "?_data=routes%2Fadmin.root-folders_.folder.%24id",
  "datetime": "2024-10-02T20:30:24Z",
  "rayName": "8cc7733c5dd6bf94",
  "ruleId": "39f63a07106e4734854f528fed516620",
  "rulesetId": "03a038f01bd94361bac6dc1ad6f287e6",
  "source": "firewallCustom",
  "userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36",
  "matchIndex": 0,
  "metadata": [
    {
      "key": "ruleset_version",
      "value": "12"
    },
    {
      "key": "version",
      "value": "1"
    },
    {
      "key": "type",
      "value": "customer"
    }
  ],
  "sampleInterval": 1
}

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.