Problem with requests from Azure API Management

Hi there,

We are facing a problem when our client try to call our API from Azure API Management. Even having us created a firewall rule to permit the request, we got it blocked with this message:

"action": "block",
"clientASNDescription": "MICROSOFT-CORP-MSN-AS-BLOCK",
"clientAsn": "8075",

  {
    "key": "group",
    "value": "cloudflare_specials"
  },
  {
    "key": "rule_message",
    "value": "Drupal, Wordpress - Anomaly:Header:X-Original-Url, Anomaly:Header:X-Rewrite-Url - CVE:CVE-2018-14773"
  }

We know that is something they are rewriting on header, but we don’t know how to show than what they shoud change.

Someone have faced something like this?

If you’re not using Drupal or Wordpress you could also just disable the WAF rule for it.

At Firewall->Managed Rules->Cloudflare Managed Ruleset select the advanced button

Then search for Drupal, Wordpress - Anomaly:Header:X-Original-Url, and then you can just go ahead and switch the rule’s mode to Disable to prevent the rule from triggering anymore

Thank you for the answer!

Is it possible to disable just for one origin (requester)?