I am under attack mode for existing users


Does anyone know how I am under attack mode effects existing users browsing the site? Will their session get refreshed or will they get redirected to the security check page?

Thanks in advance

AFAIK, they won’t be refreshed or redirected, unless the site itself has a refresh mechanism. Whenever they click on any other page on your site, or try to reload the page, they will see the temporary security message from CF. After their browser is let in, they will not see this page again for the time interval you set on Dashboard > Firewall.

Thank you for that. Would you happen to know how rest endpoints are effected by the “I am under attack mode”?

  • If an existing visitor tries to make a rest call after it is enabled?
  • When a bot tries to make a direct call to the end point (without visiting the site of course).

Thanks in advance

1 Like

I don’t.

All I know, if this helps you somehow, is that if you try to access a URL in a browser that hasn’t been approved yet, it gets a 503 (where most bots are stopped, I guess), which is quickly turned to a 200 while the interstitial page does its magic. Then it’s all rewritten as a 302 and finally a 200 when you land in the requested file.

Also, you can whitelist by IP, Country or ASN under Firewall > IP Access Rules, if that helps you.

If the REST API needs to be visited only by users with a browser then you won’t have issues, but if bots need to access it without a browser they won’t work.

This topic was automatically closed after 30 days. New replies are no longer allowed.