Is Let's Encrypt / Certbot a "Known Bot"?

I’ve setup a site to challenge visitors outside of our country (UK), with the exception of “Known Bots” which get a free pass from any location.

I was curious to see if our local Certbot SSL certificates would renew correctly, or whether Certbot would be blocked by the challenge. I tried a dry-run renewal, and it went through fine. I checked our origin access logs and could see an IPv6 address for Cerbot. I did a lookup of the IP, and it appears to be an Amazon AWS IP from the USA.

I wondered if this means that Certbot is a “Known Bot”? I didn’t see it listed on the Known Bots page here: https://developers.cloudflare.com/firewall/known-issues-and-faq#how-does-firewall-rules-handle-traffic-from-known-bots

Edit: I think I answered my own question. I checked in the Cloudflare Firewall Events and could see Certbot was allowed access with the expression cf.client.bot so I guess it is a known bot.

2 Likes

Yup. I will mark this topic as solved now.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.