I recently solved a problem with getting an intermittent 403 error with uptime monitoring services. It may be difficult to add every possible IP address and configure bypass rules for these services. What I did was create a specific page for the uptime service to monitor. For example www.example.com/service/
Then I created a WAF rule to skip all other rules when anyone tries to access /service/
By looking at the event log, I can also see which IP addresses are being used by these services in case I want to narrow access to that URL. Although I’m not sure this is necessary at the Cloudflare level since I have both server and website firewalls installed.