Qualys scan over cloudflare

Hi,

I need to do PCI scan on my server. I was always using Qualys over Cloudflare without issue, but now I do not know why scan is not passing.
The Qualys reason is

The service aborted the scanning of the Web server before completion, since the Web server stopped responding to HTTP requests during the course of scanning. The service attempted to reconnect to the Web server two minutes later and found it responsive again. However, the service has stopped further scanning of the Web server to avoid possible interruption of the Web service.

But Cloudflare can not stop responding HTTP request and over Cloudflare I only have an HTML page on AWS S3, I do not understand how the web server can go unresponsive.

I added a firewall rule to bypass everything coming from Qualys

(ip.src in {91.209.196.32/28 199.66.200.32/28 178.255.82.64/27 64.39.96.0/20})

But I still have some request blocked for validation reason.
Anyway, when Cloudflare block a request I am pretty sure an HTTP response is returned with a 400 status or something like that, but the server will not be unresponsive.

Did someone already had this issue over Cloudflare, I am also open to use another service to scan my website if it makes it easier

Thanks !

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.