Internal site error popup

What is the name of the domain?

What is the error message?

error Just a moment…*{box-sizing:border-box;margin:0;padding:0}html{line-height:1.15;-webkit-text-size-adjust:100%;color:#313131;font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;height:100vh;min-height:100vh}.main-content{margin:8rem auto;max-width:60rem;padding-left:1.5rem}@media (width <= 720px){.main-content{margin-top:4rem}}.h2{font-size:1.5rem;font-weight:500;line-height:2.25rem}@media (width <= 720px){.h2{font-size:1.25rem;line-height:1.5rem}}#challenge-error-text{background-image:url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIzMiIgaGVpZ2h0PSIzMiIgZmlsbD0ibm9uZSI+PHBhdGggZmlsbD0iI0IyMEYwMyIgZD0iTTE2IDNhMTMgMTMgMCAxIDAgMTMgMTNBMTMuMDE1IDEzLjAxNSAwIDAgMCAxNiAzbTAgMjRhMTEgMTEgMCAxIDEgMTEtMTEgMTEuMDEgMTEuMDEgMCAwIDEtMTEgMTEiLz48cGF0aCBmaWxsPSIjQjIwRjAzIiBkPSJNMTcuMDM4IDE4LjYxNUgxNC44N0wxNC41NjMgOS41aDIuNzgzem0tMS4wODQgMS40MjdxLjY2IDAgMS4wNTcuMzg4LjQwNy4zODkuNDA3Ljk5NCAwIC41OTYtLjQwNy45ODQtLjM5Ny4zOS0xLjA1Ny4zODktLjY1IDAtMS4wNTYtLjM4OS0uMzk4LS4zODktLjM5OC0uOTg0IDAtLjU5Ny4zOTgtLjk4NS40MDYtLjM5NyAxLjA1Ni0uMzk3Ii8+PC9zdmc+);background-repeat:no-repeat;background-size:contain;padding-left:34px}@media (prefers-color-scheme:dark){body{background-color:#222;color:#d9d9d9}}

What is the issue you’re encountering

Internal users cannot use essential functions

What steps have you taken to resolve the issue?

Checked browser settings, restarted computers, checked internet settings, AI reported it was a CLoudflare issue.

It is our backend website that is affected. Cloudflare is displaying a challenge page when we use some critical functions. However, it appears as this popup in which we can see just HTML and not actually interact with it. If anyone has any ideas, that would be great as it is blocking critical functions for us.

If it comes from Cloudflare, you should be able to see the challenged or blocked event under the Security tab → Events at Cloudflare dashboard for your zone and know exactly which security option was triggered.

Once you find them, click on a particular one to find more details about it (user-agent, IP, HTTP version …). If yes, could you share some details which service was triggered that blocked you?

Wonder if it was Browser Integrity Check or something else was triggered such as Custom WAF rule with e.g. JS Challenge, if you’ve got some, based on the one of the criteria.

Hi, thank you very much for helping!
Yes I did find one event that started it:
It was one event that Cloudflare blocked successfully based on Managed rules - Cloudflare Managed Ruleset efb7b8c949ac4650a09736fc376e9aee, rule Anomaly:Header:User-Agent - Fake Bing or MSN Bot (ae20608d93b94e97988db1bbc12cf9c8).
Unfortunately, 66 seconds later it started “Managing” our internal computers’ “challenges” based on Managed rules - Cloudflare OWASP Core Ruleset (4814384a9e5d4991b9815dcfc25d2f1f), Rule 949110: Inbound Anomaly Score Exceeded (6179ae15870a4bb7b2d480d4843b323c). We were unable to use particular functions on particular computers.
I can see now that the OWASP ruleset will need some tweaking so that this doesn’t happen again, especially with our internal addresses. It did manage to block some attacks during the time it accidentally blocked us, so that’s great without a doubt.
Thank you for pointing me in the right direction!

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.