Firewall rule potential false positive with no description

I’m having a WAF rule being triggered and can’t seem to get a better way to troubleshoot it as from the firewall logs there seems to be no useful information available to help with this.
So in this case no rule message or any sort of description. Is there a publicly available page that describe what each Ruleset and Rule means?
Below is what I get when exploring the Firewall events activity logs.

I’m stuck with what seems to be a bug on Cloudflare’s end that’s affecting one of the domains in our account. I’ve tried reaching out to support but then from the responses it seems that my free plan only supports Cloudflare community support. So what do I do if it’s an account and domain specific related issue? Is the community in a position to help with this? I did post the problem here and haven’t received a response yet. I’d like to have some assistance on this as a number of our customers keep getting randomly blocked and we can’t figure out how to help them.

The request was blocked because it reached a score of 25 on the OWASP Core Ruleset. Each of the 5 entries you see under “Additional Logs” increased the score by +5, even though it says +0 in your screenshot.

However, you shouldn’t have access to Managed Rules on a free account. I assume that’s why it says “Unavailable” everywhere. Did you ever have a paid subscription in the past?

1 Like

Thank you for responding. I received feedback from support and I strongly feel that this is an intentional bug that just seems not to be a priority to Cloudflare’s dev team. It turns out if you had a paid plan then downgraded the account domain then this problem will occur simply because the OWASP Core Ruleset are not disabled. The only way to make any ammendments is to upgrade the affected domain to a paid subscription or disable the Ruleset via the API.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.