dot832.com
I manage WordPress websites and get blocked uploading plugins and other zip files.
I created a custom WAF rule to skip the firewall for my IP address however it does not work.
Log into WP site as administrator and install a plugin from an uploaded zip file.
It’s easiest to add it in IP Access Rules:
May I ask if you’ve added your IP address and action “allow”? 
Possibly youre home router IP address has changed since DHCP.
From the shared screenshpt, looks like “Managed Rules” service might be triggered and have blocked the action upload here
May I ask if you’re using Free or Paid plan type?
I’d suggest you to double-check the Security → Events at Cloudflare dashboard under your Cloudflare account for your zone, or via direct link https://dash.cloudflare.com/?to=/:account/:zone/security/events.
You should be able to see the challenged or blocked event under the Security tab → Events at Cloudflare dashboard for your zone and know exactly which security option was triggered. You can use Filter and URI path contains upload-plugin, otherwise use RayID equals the Cloudflare Ray ID from the bottom of the page (as on the shared screenshot is visible).
Once you find them, click on a particular one to find more details about it (user-agent, IP, HTTP version …). If yes, could you share some details which service was triggered that blocked you?
I have a static IP address and have the Partner Pro plan. The rule is setup per instructions. I will lookup the other details and report.
Ultimately what I want is to have a rule that bypasses the firewall for my IP address, or whatever uniquely identifies me.
Thank you for feedback.
From the shared screenshot, as I guessed, it’s the Ruleset “Cloudflare Managed Ruleset” and Rule ending with “…5969e60b” (d93f48eb05324adbb47f0d055969e60b) which was triggered:
Since you’re on a Pro plan, you can Add an Exception for such rule since it causes you the issue following the instructions from below article:
In picture:
OK. I got it to work. I wanted a more generic rule and added my IP address. What was interesting is that I had to use IPv6. IPv4 did not work. Thank you all for your help!!!
Clients default to IPv6 over IPv4 if both are available due to the happy eyeballs RFC. When creating allow or deny lists both should be included because the Internet is a many varied thing.
