Images on Gmail are not being displayed, for example, the logo

I receive images on Gmail that are not displayed; they are broken, and the link appears like this:
https://ci3.googleusercontent.com/meips/ADKq_NZ5AF3TkbAbJ6WUwDbWJWR3PWRy2eTckhxuKnwua-NHpe1IByuIoNc-4av_lVhokQWA22zChRKAIsWpURHjp95VOW8DA_AYs4wcbFI-TXenxvbYWSKpyyma793A1zXnWhh365DuFaqdNKTTbbp8kxf5uxbhYA=s0-d-e1-ft#https://www.facechat.it/uploads/monthly_2022_04/log-fc.png.95f40c317411720df27a8e649db07561.png


If I disable Cloudflare, the images are displayed correctly. Can someone help me? The logo on my website is not visible only on Gmail. In the settings, images are allowed, so it seems to be an issue with Cloudflare!


Google is downloading (and caching) images on Gmail, so you’re not actually downloading them directly from their original source.

Can you check the Security Events page around the time the email was sent?

https://dash.cloudflare.com/?to=/:account/:zone/dns/security/events

I added a WAF rule, where I set it to block known bots. Why is it blocking Google’s ASN?


Could it be because of this? Setting known bots means they are threats and should be blocked? Can you give me some clarification, please? Thank you.

Here I think you misunderstood the point of “known bots”.

The known bots are believed to be good bots, not bad bots.

A rule, based on your own screenshot and explanation, like this:

Will therefore be blocking the majority (if not all) of Google’s bots (as well as all other verified “known bots”), even when the bot is actually considered to be a “good” one.

By creating a WAF rule, I ignored the important ones. Enabling that rule helps mitigate DDoS attacks. Every time I experience an attack, I receive a massive number of requests that end up there, so I don’t believe they only block good bots. Otherwise, every time I get attacked, I wouldn’t be flooded with 4k requests in a short amount of time.


I performed an IP stress test, and as you can see, it floods me with thousands of calls. By ignoring bots like Google and PayPal, now I can see images on Gmail.

Doing some research, I found this.

By enabling and setting the “Known Bots” rule to “block” in Cloudflare, you are blocking all bots known to Cloudflare, both benign and malicious. This means the rule will block safe bots like Google and PayPal bots, as well as malicious bots.

If your goal is to block only malicious bots while allowing benign bots to access your site, you need to configure the rules more specifically. Cloudflare offers the ability to distinguish between benign and malicious bots using its Bot Management service. Here’s how you can do that:

  1. Use Bot Management:
     • Cloudflare Bot Management provides advanced tools to identify and manage different types of bots. With this service, you can configure rules that block only malicious bots without blocking safe ones.
  2. Configure Custom Rules:
     • If you don’t have access to Bot Management, you can create custom WAF rules to specify which bots to block. For example, you can create a rule that blocks bots based on suspicious behavior or specific user agents known to be used by malicious bots.

Here’s an example of how to configure a rule to block only malicious bots:

  1. Log in to the Cloudflare Dashboard.
  2. Go to the “Firewall” section.
  3. Create a new WAF rule.
  4. Define the conditions to identify malicious bots: For example, you can use criteria like IP addresses known for malicious activity, suspicious user agents, unusual traffic patterns, etc.
  5. Set the action to “Block” for these specific conditions.

In summary, the default “Known Bots” rule in Cloudflare blocks both benign and malicious bots. To block only malicious bots, you need to use a more specific approach or enable Cloudflare’s Bot Management service.
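Added example (not part of any post in this thread, and not Cloudflare's own code): a Python sketch of the Security Events check suggested earlier in the thread, run over a constructed export to find which rule is blocking Google traffic such as the Gmail image proxy. The field names (`action`, `rule`, `asn`, `ua`, `path`), the rule names and the sample rows are assumptions for illustration; AS15169 is Google's ASN and `GoogleImageProxy` is the marker in the image proxy's User-Agent.

```python
import json
from collections import Counter

# Constructed sample events (not real log data). Field and rule names are
# assumptions, loosely modelled on a JSON-lines export of firewall events.
SAMPLE_EVENTS = """\
{"ts":"2024-05-01T10:00:01Z","action":"block","rule":"block-known-bots","asn":15169,"ua":"Mozilla/5.0 (via ggpht.com GoogleImageProxy)","path":"/uploads/logo.png"}
{"ts":"2024-05-01T10:00:02Z","action":"block","rule":"block-known-bots","asn":15169,"ua":"Mozilla/5.0 (compatible; Googlebot/2.1)","path":"/"}
{"ts":"2024-05-01T10:00:05Z","action":"block","rule":"rate-limit-login","asn":64500,"ua":"python-requests/2.31","path":"/login"}
{"ts":"2024-05-01T10:00:07Z","action":"skip","rule":"allow-good-bots","asn":15169,"ua":"Mozilla/5.0 (via ggpht.com GoogleImageProxy)","path":"/uploads/logo.png"}
"""

# Clients that should normally be able to fetch public assets (extend per site).
EXPECTED_ASNS = {15169: "Google"}
# The User-Agent is client-controlled, so a marker match is a triage hint only.
EXPECTED_UA_MARKERS = ("GoogleImageProxy", "Googlebot")

def parse(raw):
    """Yield one event dict per non-empty JSON line."""
    return (json.loads(line) for line in raw.splitlines() if line.strip())

def looks_expected(event):
    """True if the ASN or User-Agent matches traffic we would want to allow."""
    ua = event.get("ua", "")
    return event.get("asn") in EXPECTED_ASNS or any(m in ua for m in EXPECTED_UA_MARKERS)

def rules_blocking_expected_traffic(raw):
    """Count, per rule, block events that hit expected (likely legitimate) clients."""
    hits = Counter(e["rule"] for e in parse(raw)
                   if e.get("action") == "block" and looks_expected(e))
    return dict(hits)

def gmail_image_fetches_blocked(raw):
    """Paths the Gmail image proxy requested and was refused."""
    return sorted({e["path"] for e in parse(raw)
                   if e.get("action") == "block" and "GoogleImageProxy" in e.get("ua", "")})

if __name__ == "__main__":
    print(rules_blocking_expected_traffic(SAMPLE_EVENTS))
    print(gmail_image_fetches_blocked(SAMPLE_EVENTS))
```

A rule that shows up in the first result is the one to review; the second result lists the assets that would appear broken in Gmail.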
