How to disable bot management?

We enabled bot management and a few days later got complaints that it was blocking legitimate traffic.

Going back to the dashboard to disable it, we discovered there was no option to disable it anymore (Enterprise plan). It’s been 24 hours since we contacted support about this and nothing from them besides the initial canned response.

Does anyone know how to bypass bot management? Any firewall rules to bypass every security measure have no impact and it seems whatever bot management is doing, it has priority.


Bot management on the Enterprise plan is enabled and managed via Firewall rules.

I’d recommend getting with the person in your org who created the bot management rules to adjust them as needed.

Nobody created bot management rules. There are no firewall rules under Security > WAF > Firewall Rules that are related to bot management.

I tried listing the Firewall Rules through the API endpoint and it really does not have anything related to bot management. It was actually empty before we added some rules to try and work around the situation.

When I check one IP address that’s being blocked, the dashboard shows:

Firewall Rules: rule unavailable
Managed rules: manage definite bots

I can’t find this “manage definite bots” rule anywhere.

I’ve tried to disable every single security measure and it has zero impact.


In that case I would escalate to your account team.

For anyone having issues with Super Bot Fight Mode (SBFM), at least in the Enterprise plan, Cloudflare’s support confirmed the rulesets for SBFM are not visible through the dashboard once enabled.

List the rulesets for the zone:

curl -sL -H "X-Auth-Email: xxx" -H "X-Auth-Key: xxx" "https://api.cloudflare.com/client/v4/zones/xxx/rulesets"

Delete the ruleset with name:zone and phase:http_request_sbfm

curl -sL -X DELETE -H "X-Auth-Email: xxx" -H "X-Auth-Key: xxx" "https://api.cloudflare.com/client/v4/zones/xxx/rulesets/xxx"

After removing the ruleset, the API requests that were failing worked immediately.

I’m not sure if it’s the same experience with other plans. I hope not, because it’s really confusing.

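The two-step procedure in the post above (list the zone's rulesets, then delete the one in the `http_request_sbfm` phase), as an added example that is not part of the original thread: it picks the ruleset out of the list response and builds the DELETE request for review before anything is sent. The function names and the sample IDs are constructed for illustration; the `success`/`errors`/`result` envelope is assumed to be the standard Cloudflare v4 response shape.

```python
import json
import urllib.request

API = "https://api.cloudflare.com/client/v4"
SBFM_PHASE = "http_request_sbfm"  # phase named in the post above

# Constructed sample of a "list zone rulesets" response; the IDs are made up.
SAMPLE_RESPONSE = json.dumps({
    "success": True, "errors": [], "messages": [],
    "result": [
        {"id": "aaaa1111", "name": "default",
         "phase": "http_request_firewall_custom"},
        {"id": "bbbb2222", "name": "zone",
         "phase": "http_request_sbfm"},
        {"id": "cccc3333", "name": "default",
         "phase": "http_ratelimit"},
    ],
})


def find_sbfm_rulesets(body):
    """Return the rulesets in the SBFM phase from a list-rulesets response."""
    doc = json.loads(body)
    if not doc.get("success"):
        raise RuntimeError(f"API error: {doc.get('errors')}")
    # "result" can be null when the zone has no rulesets at all.
    return [r for r in doc.get("result") or [] if r.get("phase") == SBFM_PHASE]


def plan_deletions(zone_id, body):
    """Build (method, url) pairs for review; nothing is sent here."""
    return [("DELETE", f"{API}/zones/{zone_id}/rulesets/{r['id']}")
            for r in find_sbfm_rulesets(body)]


def api_call(method, url, email, key):
    """Send one request with the X-Auth-* headers used in the post."""
    req = urllib.request.Request(url, method=method, headers={
        "X-Auth-Email": email, "X-Auth-Key": key})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read().decode()


if __name__ == "__main__":
    # Offline dry run against the constructed sample. For a live zone, pass the
    # body returned by api_call("GET", f"{API}/zones/<zone_id>/rulesets", ...).
    for method, url in plan_deletions("ZONE_ID_PLACEHOLDER", SAMPLE_RESPONSE):
        print(method, url)
```

Saving the listed ruleset to a file before issuing the DELETE keeps a record of what was removed.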

@giovanni.ptirloni I’m curious; do you have the advanced security suite or is this a “standard” enterprise plan?

I don’t have visibility into our contract/billing but I’d say it’s standard, if I had to guess.

Got it. As far as I know, managing SBFM through firewall rules is out of scope even for enterprise customers; only those that hire the advanced security suite can use bot management properly.

Makes sense, that’s been my experience so far. Thanks for the pointer.

