Has anyone experienced issues with the Cloudflare Specials WAF rule-set? It incorrectly triggers the SQLi rule when editing pages with Mediawiki markup code due to the usage of brackets, quotes and other non-alpha numeric characters.
I previously raised a ticket on this when we enabled the OWAP rule-set and without knowing the cause support just advised to disable/white-list (Which doesn’t address the cause but as they pointed out OWASP rules aren’t controlled by Cloudflare).
I have raised another ticket now and again the response has been disable/white-list, I think this is a fairly poor response considering they have done no investigation of the cause. I have requested they send the ticket to someone with technical knowledge to see what they say.
Has anyone else came across this?