I’m passing my AzureAd traffic through cloudflare, but it’s blocked a microsoft own BOT, even putting the URL as released, in the boot analysis momneot it is blocked,
Is the IP address fixed?
No, it comes from several microsoft ips, when creating the rule to allow the user agent “Windows-AzureAD-Authentication-Provider/1.0” and observing the logs it lets through, but then it is blocked by “Bot Fight Mode for Definite Bots”
The “Allow” action under Firewall Rules only works within the Firewall Rules itself, but it doesn’t affect how other Cloudflare security features (e.g. WAF, Security Level, Bot Fight Mode, Hotlink Protection) behave.
Unfortunately you can only turn Bot Fight Mode off if they don’t have a list of fixed IPs for you to whitelist in IP Access Rules.
Comes from various ips.
I can bypass bot security when I come from the page" /adfs/services/trust/mex ?
No. Except IP address.
In the enterprise license I can define this Bot release for the specific url?
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.