The topic of rule devices still being blocked

What is the name of the domain?

yuqingyubao.com

What is the issue you’re encountering

Bypass rules were set but were still blocked by cloudfire

What steps have you taken to resolve the issue?

I have configured WAF’s custom rules, and I will release them as long as the url I access contains “/api/pay/”. I have also set such rules in Configuration Rules, but they will still be intercepted by cloudfire. Why? Or what should I set so that URLs containing “/api/pay/” are not blocked?

What is the current SSL/TLS setting?

Off

I’d suggest you to double-check the Security → Events at Cloudflare dashboard under your Cloudflare account for your zone, or via direct link https://dash.cloudflare.com/?to=/:account/:zone/security/events.

You should be able to see the challenged or blocked event under the Security tab → Events at Cloudflare dashboard for your zone and know exactly which security option was triggered. Could be Managed Rules my best guess, otherwise Bot Fight Mode or Browser Integrity Check.

Once you find them, click on a particular one to find more details about it (user-agent, IP, HTTP version …). If yes, could you share some details which service was triggered that blocked you?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.