cURL not functioning correctly because of Cloudflares Robot check

Hi,

We have an issue on our sites where every single cURL that the server makes is being met with a “Please wait while your request is being verified” page, for example see below

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta name="robots" content="noindex, nofollow">
<title>One moment, please...</title>
<style>
body {
    background: #F6F7F8;
    color: #303131;
    font-family: sans-serif;
    margin-top: 45vh;
    text-align: center;
}
</style>
</head>
<body>
<h1>Please wait while your request is being verified...</h1>
<form id="wsidchk-form" style="display:none;" action="/REMOVINGSTRINGHERE" method="get">
<input type="hidden" id="wsidchk" name="wsidchk" />
</form>
<script>
(function(){
    var west=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[])+(+!+[]+!![]+!![]+!![]+[])),
        east=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+[])+(+!+[])),
        x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} },
        y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);};
    y(function(){
        document.getElementById('wsidchk').value = west + east;
        document.getElementById('wsidchk-form').submit();
    }, false);
})();
</script>
<script defer src="https://static.cloudflareinsights.com/beacon.min.js/REMOVINGSTRINGHERE" integrity="sha512-M3hN/6cva/SjwrOtyXeUa5IuCT0sedyfT+jK/OV+s+D0RnzrTfwjwJHhd+wYfMm9HJSrZ1IKksOdddLuN6KOzw==" data-cf-beacon='{"rayId":"7b06204dace34d27","version":"2023.3.0","r":1,"b":1,"token":"REMOVINGSTRINGHERE","si":100}' crossorigin="anonymous"></script>
</body>
</html>

I assume this is Cloudflares wsidchk based on all the searches I’ve done on Google. I’ve attempted to create a allowlist exception in Cloudflare to prevent this from affecting cURL by adding the following WAF rule to both the servers domain & the website domain.

The IPv4 is the webhosting servers IP, The IPv6s the webhosting servers IP and the Host is the actual domain where cPanel/WHM is located.

It hasn’t done anything to help the situation and I can’t figure out why it’s being so aggressively checked by this “Are you sure…” page.

I’d appreciate any advise!

Are you calling curl to hosting.<domain> or from that domain?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.