Urgent Assistance Needed: Resolving file_get_contents Issue for Chat Integrations

I’m facing an issue with file_get_contents not working on my website, and this is something I can’t afford as I use it for chat integrations. I’m trying everything to get it to work. Can you please guide me on how to resolve this once and for all?Urgent Assistance Needed: Resolving file_get_contents Issue for Chat Integrations - Cloudflare Pro Subscriber Seeks Solution.
Thank you.

If you Pause Cloudflare (and wait five minutes), does it start working?

If I don’t use Cloudflare, file_get_contents works correctly, even if I disable it.

I provide you with more information: if I use file_get_contents for an external file, for example, https://test.cloud/test.php, then it works correctly. However, if I use the link in a file that is inside my site managed with Cloudflare, then it doesn’t work. It seems that the problem depends on the file. Is there any security rule that prevents me from extracting information from that file? Why? The file has permission set to 777.

And that link is something like https//my.example.com/test.php ?

Is there any security rule that prevents me from extracting information from that file?

There usually isn’t. Do you see anything in the Firewall log?

Do you see any type of error message?

Yes, the files are in PHP, and it blocks them if I call them with file_get_contents. Why is that? I’m not very proficient with the control panel, especially with security settings. When I filter for blocks, I see the file that I need for file_get_contents is blocked. How can I unblock it?

That’s how many times it was blocked in the Security Events page?

If you click “Filter” for that path, you can scroll down to the list of events to see why it was blocked.

Click the down arrow to expand the entry, and you’ll see the Rule or setting that blocked the request.

Here’s what I’m receiving

Ok. That’s Bot Fight Mode, which is doing what it’s supposed to do when there’s an automated request.

Turn it off:


Hi, why should I turn it off? If I’m calling that file, I shouldn’t be a threat. It only blocks bot threats there, but I haven’t found my IP listed.

Requests by file_get_contents can be regarded as a bot since it is automated, not a human.

If the site you are calling through file_get_contents is the same site that it is running on, set a hosts file entry so the request resolves to the server IP address directly and doesn’t route through Cloudflare.

1 Like

The point is that I want to allow the file to be called even from servers that are not mine. How can I do that?

Then, as @sdayman said, you will need to turn off Bot Fight mode (since it can’t be bypassed with WAF rules for special cases), or use a Pro plan and Super Bot Fight mode (which you can bypass for just your specific file).

1 Like

I have the Pro plan, I don’t use the free plan.