Is it possible to have the “I’m under attack” mode enabled but allow a certain IP to bypass that challenge, for example for API access?
I have configured the following firewall rule:
IP address equals <IP> then allow
but it does not allow the IP to bypass the “I’m under attack” challenge.
Your Firewall Rule can take the place of the Under Attack challenge.
Set the rule to say If IP Address does NOT equal, then JS Challenge. Then make sure you’ve disabled the Under Attack Mode toggle.
Thank you for the response, but the IP is still being sent to the Javascript challenge.
Yes, I have disabled the “I’m under attack” mode and my firewall rule looks like this:
(and yes, the IP is correct)
Take a look at Firewall Event Log (under Firewall tab) and see why it’s blocking your request(s).
Filtering by the IP does not show any entries.
