Under Attack mode blocks Cron Job

I have recently integrated my website with Cloudflare. After I activate under attack mode, the cron job doesn’t work. How can I allow this command to pass Cloudflare protection?

This is the cron job command:

curl -s https://zellu.vip/cron >> /dev/null 2>&1

And this is the response I get when I use the same command in the cPanel terminal (Cloudflare JS challenge form):

<!DOCTYPE html>
<html lang="en-US">
<head>
    <title>Just a moment...</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <meta name="robots" content="noindex,nofollow" />
    <meta name="viewport" content="width=device-width,initial-scale=1" />
    <link href="/cdn-cgi/styles/cf-errors.css" rel="stylesheet" />

<script>
    (function(){
        window._cf_chl_opt={
            cvId: '2',
            cType: 'managed',
            cNounce: '63040',
            cRay: '73d2de558c63aa13',
            cHash: '8798957e8d0d72d',
            cUPMDTk: "\/cron?__cf_chl_tk=LPCPQoGBUQG03CPu6Yq7PPGJdpQQwLdTcvwjoZsyQwg-1660911890-0-gaNycGzNBZE",
            cFPWv: 'g',
            cTTimeMs: '1000',
            cTplV: 3,
        }
        window._cf_chl_enter = function(){window._cf_chl_opt.p=1};
    })();
</script>

</head>
<body class="no-js">
    <div class="main-wrapper" role="main">
    <div class="main-content">
        <h1 class="zone-name-title h1">
            <img class="heading-favicon" src="/favicon.ico"
                 onerror="this.onerror=null;this.parentNode.removeChild(this)" />
            zellu.vip
        </h1>
        <h2 class="h2" id="cf-challenge-running">
            Checking if the site connection is secure
        </h2>
        <noscript>
            <div id="cf-challenge-error-title">
                <div class="h2">
                    <span class="icon-wrapper">
                        <div class="heading-icon warning-icon"></div>
                    </span>
                    <span id="cf-challenge-error-text">
                        Enable JavaScript and cookies to continue
                    </span>
                </div>
            </div>
        </noscript>
        <div id="trk_jschal_js" style="display:none;background-image:url('/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=73d2de558c63aa13')"></div>
        <div id="cf-challenge-body-text" class="core-msg spacer">
            zellu.vip needs to review the security of your connection before
            proceeding.
        </div>
        <form id="challenge-form" action="/cron?__cf_chl_f_tk=LPCPQoGBUQG03CPu6Yq7PPGJdpQQwLdTcvwjoZsyQwg-1660911890-0-gaNycGzNBZE" method="POST" enctype="application/x-www-form-urlencoded">
        </form>
    </div>
</div>
<script>
    (function(){
        var trkjs = document.createElement('img');
        trkjs.setAttribute('src', '/cdn-cgi/images/trace/managed/js/transparent.gif?ray=73d2de558c63aa13');
        trkjs.setAttribute('style', 'display: none');
        document.body.appendChild(trkjs);
        var cpo = document.createElement('script');
        cpo.src = '/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=73d2de558c63aa13';
        window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;
        window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, -window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;
        if (window.history && window.history.replaceState) {
            var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;
            history.replaceState(null, null, "\/cron?__cf_chl_rt_tk=LPCPQoGBUQG03CPu6Yq7PPGJdpQQwLdTcvwjoZsyQwg-1660911890-0-gaNycGzNBZE" + window._cf_chl_opt.cOgUHash);
            cpo.onload = function() {
                history.replaceState(null, null, ogU);
            };
        }
        document.getElementsByTagName('head')[0].appendChild(cpo);
    }());
</script>

    <div class="footer" role="contentinfo">
        <div class="footer-inner">
            <div class="clearfix diagnostic-wrapper">
                <div class="ray-id">Ray ID: <code>73d2de558c63aa13</code></div>
            </div>
            <div class="text-center">
                Performance &amp; security by
                <a rel="noopener noreferrer" href="https://www.cloudflare.com?utm_source=challenge&utm_campaign=m" target="_blank">Cloudflare</a>
            </div>
        </div>
    </div>
</body>
</html>

You generally should not be using UAM unless your website is actively under attack. UAM requires all visitors to pass a CAPTCHA or JavaScript challenge before proceeding, which is both annoying for real users and breaks automated scripts such as this cron job.

With that said, you can create a Firewall or IP Access Rule to bypass the challenge for requests with specific characteristics. You can read more about Firewall Rules here and IP Access Rules here.

3 Likes
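The failure described above goes unnoticed because the cron command discards curl's output. The wrapper below is an added example, not part of the original thread: it flags a Cloudflare challenge page using markers visible in the HTML quoted in the question. The function names and the `CRON_URL` / `CRON_LOG` variables are assumptions for illustration.

```shell
#!/bin/sh
# Added example: cron wrapper that fails loudly when Cloudflare answers
# with a challenge page instead of the real /cron response.
# CRON_URL and CRON_LOG are hypothetical names, not from the thread.

# classify_response STATUS BODY_FILE
# Prints ok | challenged | http_error and returns 0 | 2 | 1.
classify_response() {
    status=$1
    body=$2
    # Fixed-string markers taken from the challenge HTML in the question.
    if grep -qF -e '_cf_chl_opt' \
                -e 'id="challenge-form"' \
                -e '<title>Just a moment...</title>' "$body"; then
        echo challenged
        return 2
    fi
    case $status in
        2??) echo ok; return 0 ;;
        *)   echo http_error; return 1 ;;   # includes curl's 000 on failure
    esac
}

# run_cron_request URL LOG_FILE
# Fetches URL, classifies the reply, and logs anything that is not "ok".
run_cron_request() {
    url=$1
    log=$2
    rc=0
    body=$(mktemp) || return 1
    status=$(curl -s -o "$body" -w '%{http_code}' "$url") || true
    result=$(classify_response "$status" "$body") || rc=$?
    rm -f "$body"
    if [ "$rc" -ne 0 ]; then
        echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) $url: $result (HTTP $status)" >> "$log"
    fi
    return "$rc"
}

# Runs only when CRON_URL is set, e.g. from the crontab entry.
if [ -n "${CRON_URL:-}" ]; then
    run_cron_request "$CRON_URL" "${CRON_LOG:-/tmp/cron-request.log}"
    exit $?
fi
```

A non-zero exit status lets cron's own mail or monitoring report the blocked run, which also shows whether a bypass rule is still in effect.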

Thank you. I created a bypass rule for the server’s own IP address and it works now, but would that cause any security vulnerabilities?

It should not be a problem if you control the IP address. You should find a different solution if it is a shared IP address.
