Dear community,
I am trying to do a host-to-host API call with Service Token. The problem is that when I am trying to call from server, Cloudflare is considering the request as bot even through I have provided CF-Access-Client-Id
and CF-Access-Client-Secret
.
The same call works from my local but not from the server.
Here my CURL command looks like:
Any help would be highly appreciated.
KianNH
May 11, 2022, 10:23am
#2
Those tokens are purely to bypass Cloudflare Access - the WAF (which you’re hitting) is a separate layer.
If it’s being caused by Bot Fight Mode in https://dash.cloudflare.com/?to=/:account/:zone/security then the only way you can stop it is turning off Bot Fight Mode or whitelisting the originating IP in IP Access Rules.
Introduction
While blocking bots is appealing, we often find in the community that people run into issues while using Super Bot Fight Mode (SBFM). Below you can find a quick summary of the most common questions.
How to create a bypass rule for SBFM?
In short, you can’t ; however, there is one workaround that might work for some setups.
IP Access Rules can allow you to exclude an IP or set of IPs from being challenged by SBFM; however, this carries a few issues:
IPs can chan…
Thanks it worked but managing the IP is sometimes tricky
system
closed
May 14, 2022, 1:02pm
#4
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.