Firewall blocks Googlebot, Jetpack & Photon

Security
#1

Since I activated the WAF Firewall last Friday the Cloudflare Firewall now blocks the Googlebot, Jetpack and Photon. I couldn’t find any rules or the reason why those get blocked. Under “Match Triggered” it just says “Filter: 843e02a4eea…”

I thought Cloudflare knows the IPs of Googlebot and has them whitelisted? How come they still get blocked and how do I solve this?

#2

Hi @villa,

If a firewall event is triggered by the WAF, it will show with which rule was triggered and the description of the match triggered, I would’t expect it to show what you have described above.

That would mean to me that it is a Firewall Rule that you have created that is causing the issue, which do just show Match Triggered: Filter … as you described.

I would suggest you take a look at what Firewall Rules you have created in the dashboard and see if they could be causing the issue.

For example, if you currently have

image
image982×384 16.4 KB

that could be causing the issue, you could add the line
image
image956×123 5.35 KB

Which will use

and then not block the requests if they are from a known crawler etc.

Link:
How does Firewall Rules handle traffic from known bots?

2 Likes
#3

Thanks for the detailed reply. Originally I thought that it could be the Cloudflare Managed Special rules as described in this thread but if you say the filter points to a Firewall Rule created by me it confuses me even more as I only blocked countries like Russia, Ukraine and so on by using “country equals Russian Federation -> block”.

Block-Russia
Block-Russia.png983×692 20 KB

I didn’t block US traffic and I can’t think of any other rules that could lead to this outcome, so as said, I’m really confused. Is their any way to match the “Filter: 843e02a4eea…” to a specific rule? I would like to see which rule this filter is triggered by. Right now I saw in the list that even a User Agent Cloudflare-Diagnostics was blocked by “Filter: 081ffbb8ef…”

#4

This is unfortunately not too easy.

I have thrown together this quick tutorial on how to do it, following a discussion with Cloudflare Support.

1 Like
#5

Dear @domjh,
thanks again for your help! I followed your great instructions Viewing the Rule ID of a Firewall Rule and checked which rule triggered the filter and the issue is, that the rule/ID is not listed there…
I don’t know if it’s a bug or what causes this. I have created a new rule which allows all known bots and this shows together with the non-existant rule.

Another, separate, issue is that the “jetmon/1.0 (Jetpack Site Uptime Monitor by WordPress.com)” seems not to be included in the Known Bots list!?

1 Like
#6

:thinking:

Without access to your account here on the community, I would suggest you get in the queue with support as I expect they will be able to figure it out quickly!

I will also have another look when back on desktop (on mobile ATM).

To contact Cloudflare Customer Support, login & go to https://dash.cloudflare.com/?account=support and select get more help. Please give Support the complete details and link to your Community post. Here’s a bit of background on Cloudflare Support for reference:

https://support.cloudflare.com/hc/en-us/articles/200172476-How-do-I-report-a-bug-to-Cloudflare-

#7

This topic was automatically closed after 30 days. New replies are no longer allowed.