Firewall Rules do not work anymore as in the past

Hello,

last months I have only problems with my firewall rules. Earlier the rules were just working fine. I did not change anything, and now the rules are working somewhat wrong.

Example 1. A rule calls “JS challenge”. But now this rule calls also “Challenge” - I see it in the firewall log. And this is wrong.

Example 2. I have a GeoIP rule what calls “Challenge”. It worked perfect with the Tor network. But now I cannot see my website from the Tor. I get always a “Challenge” to solve. It does not matter, I can solve the challenge a lot of times, but I don’t get my website. I get always a new “Challenge” in unlimited loop.

The rules worked perfect for years, but last months it is a catastrophe.

It seems like someone by Cloudflare did a wrong programming for the processing of the rules.

Please help!

  1. It sounds like you want JS Challenge; not Challenge (Captcha)
  2. You can exclude the Tor (T1) network if you don’t want it challenged.

Oh no, please! Did you read my text?

  1. Sure I’d like to have JS Challenge and I have setup for it. But Cloudflare makes Challenge instead of JS Challenge. This is wrong and worked different in the past.

  2. I want the Tor network will be challenged. But Cloudflare makes the unlimited loop with Challenge (h-captcha or so). This is wrong and worked different in the past.

Rule 1.
(ip.geoip.country in {“DE”})
JS Challenge

Rule 2.
(ip.geoip.country eq “DE”) or (ip.geoip.country ne “DE”)
Challenge

This combination worked perfect for years!

Encryption:

Rule 1. All IPs from Germany get the “JS Challenge”. Exit.

Rule 2. If the rule 1 was not applied, we are in the rule 2. And here all IPs get the “Challenge”. Exit.

Now you cannot see the website (from Tor, USA, whatever) because of the unlimited Re-Captcha loop.

Cloudflare is slowly disappointing me.

Yeah…it was text only. No domain name to test, no screenshots of the rules mentioned. You’re certainly welcome to open a support ticket.

To contact Cloudflare Customer Support, login & go to https://dash.cloudflare.com/?account=support and select get more help. If you receive an automatic response that does not help you, please reply and indicate you need more help.

Thank you for the advise with the “reply” to the automatic response. I have to try it.

The rules are the following:

Rule 1.
(ip.geoip.country in {“DE”})
JS Challenge

Rule 2.
(ip.geoip.country eq “DE”) or (ip.geoip.country ne “DE”)
Challenge

You can try it with your GeoIP (e.g. “US”). Then check it from a normal browser and from the Tor browser.

A normal browser should show you only JS Challenge (for me it shows also Re-Captcha)

The Tor browser should show you Re-Captcha (for me it works as unlimited Re-Captcha loop)

This topic was automatically closed after 14 days. New replies are no longer allowed.