Server side curl blocked by Cloudflare


We are having an issue with some of our customer’s cloudflare configuration.
I am still a bit unfamilliar with cloudflare myself, and was hoping to find some advices here.

We need to make daily server side calls to our customer’s RSS feed in order to automatically send webpush notification to their suscribers.

For some of them, cloudflare seems to block us. The content returned is an html page with the following challenge error text : “Enable JavaScript and cookies to continue”.
If I try to execute a curl from my working station everything works fine, but if I do it from our production server, it fails.
My understanding of it is that Cloudflare identifies the origin of the request as an AWS server, and triggers a security challenge.

I am ensure how to guide our customers through the configuration dashboard to solve this issue.
The solution to simply allowlist our ip address would not work since it is almost never the same (AWS clusters).
Which parameter(s) should be turned off ? Should we add some rules for one page only, and how to proceed ?

Many thanks

You would need to ask them to review Security Events · Cloudflare Web Application Firewall (WAF) docs to find the requests you are making. In there, they will be able to see which rule is blocking those requests and they can then create bypass or allow rules depending on what specific feature is blocking:


Thank you Simon, I’ll be digging into that !

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.