Firewall managed challenge vs Facebook Scraper bot

Hello, I have a rule that blocks the scraper bot in facebook sharing debugger

I tried with a rule (cf.client.bot) with action Managed Challenge (Recommended) but it returns 403. Thus I need to use Allow to make it works.

So I have a question that, is it fine in terms of security? Will it also allow some malicious bots?

cf.client.bot indicates a ‘known good’ bot. For future reference, https://developers.cloudflare.com/ruleset-engine/rules-language/fields/

You should make a rule where if cf.client.bot is true, use the Allow action.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.