Security rule

What is the name of the domain?

dining-out.co.za, sleeping-0ut.co.za, and more

What is the error number?

No error number

What is the issue you’re encountering

Under Security rules for each domain I see a rule always allow for IP Address 69.59.169.66 Why is this here?

What steps have you taken to resolve the issue?

I did not add this. I don’t know why it is there and why.

What is the current SSL/TLS setting?

Full

What are the steps to reproduce the issue?

As I did not create this I wonder why it is there?

Screenshot of the error

You can check your audit log to see how it was added and when…
https://dash.cloudflare.com/?to=/:account/audit-log

If unsure what it is, delete it. Consider changing your password, activating 2FA and rotating your API keys and tokens to ensure your account is secure.

You probably added that because it’s your server, and you want to be able to access the site without being blocked.

Hi

I did not add this. I only setup some of the domains today and they all have this rule. I don’t see anything pertaining to this in the log.

I did not add this.

Hi

I have changed the rule from allow to block. It seems like an account wide rule as it is now blocked for all domains I added.

Yes, the screenshot shows “All websites in account”

Cloudflare doesn’t add rules itself, so someone (or some automation) added it and a record of it being done will be in the audit log (I think up to 18 months).

I can find in the Audit Log where I disabled it but there is no reference to it being created.

My account is 2 days old. The audit log only shows me changing it to a block.

My account is 2 days old.

I have decided to deleted the rule. Very peculiar. I would have loved to know where it came from.

This does tickle a memory as some sort of “helpful” automation, but not so strong a memory that I’ve heard of this happening frequently.

There is a 69.59.x.x. IP address in the domain history…
https://securitytrails.com/domain/dining-out.co.za/history/a