Partener application blocked

daniel134 · August 11, 2023, 10:42am

I have an api call from one of our partners applications that is continually blocked by Cloudflare.
I have created an WAF rule to exclude the user, agent or url and skip the blocking but that rule is never applied.

This is the json for the blocked request. Not sure what managed_challenge is and how I can stop Cloudflare blocking my request.

{
“action”: “managed_challenge”,
“clientASNDescription”: “MICROSOFT-CORP-MSN-AS-BLOCK”,
“clientAsn”: “8075”,
“clientCountryName”: “NL”,
“clientIP”: “23.97.208.174”,
“clientRequestHTTPHost”: “ivatherm.ro”,
“clientRequestHTTPMethodName”: “GET”,
“clientRequestHTTPProtocol”: “HTTP/1.1”,
“clientRequestPath”: “/wp-json/ivatherm/v1/hello”,
“clientRequestQuery”: “”,
“datetime”: “2023-08-11T10:30:47Z”,
“rayName”: “7f4fce20bd130ea0”,
“ruleId”: “bot_fight_mode”,
“rulesetId”: “”,
“source”: “botFight”,
“userAgent”: “PostmanRuntime/7.32.3xx”,
“matchIndex”: 0,
“metadata”: ,
“sampleInterval”: 1
}

Laudian · August 11, 2023, 11:22am

You need to disable bot fight mode, as it cannot be skipped by rules.

daniel134 · August 11, 2023, 11:48am

Yes I did that and it works now. I was hopping to be able to bypass it for this case which was a false positive.

epic.network · August 11, 2023, 2:01pm

Super Bot Fight Mode in the Pro plan has a Skip action.

system · August 14, 2023, 2:01pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.