Exclude ip from "Bot fight mode"

Hi,
I have an external service that is tagged as “Bot fight mode” and is blocked. How can I exclude from block?

Welcome to the Cloudflare Community!

If you’re talking about free plan’s Bot Fight Mode, your only option is to turn it off entirely. With Super Bot Fight Mode, you can use Custom Rules or IP Allow Rules to allowlist specific IPs.
https://developers.cloudflare.com/bots/troubleshooting/#what-should-i-do-if-i-am-getting-false-positives-caused-by-bot-fight-mode-bfm-or-super-bot-fight-mode-sbfm

Important considerations you need to be aware of before turning on BFM or SBFM

  • BFM and SBFM are high security features intended to quickly help customers under active attack stop as many bots as possible. Due to the high security threshold, false positives do sometimes happen.
  • BFM has limited control. You cannot bypass or skip BFM using the Skip action in WAF custom rules or using Page Rules. BFM will be disabled if there are any IP Access rules present. If you turned on BFM during an attack, and the attack has subsided, we recommend either disabling the feature using IP Access rules to bypass BFM, or looking at Bot Management for Enterprise, which gives you the ability to precisely customize your security threshold and create exception rules as needed.
  • SBFM can be bypassed with IP Access Allow action rules. You can use the Skip action in WAF custom rules to specify where Super Bot Fight Mode should not run.
2 Likes

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.