WAF Enabled on access domains causes unwanted blocks


I just finished installing another application using CF Access, however, there is a problem:

The requests that end in .git are hard blocked by the WAF, this rule makes perfect sense in all other scenarios but obviously in a controlled environment where we need to access these paths, its very problematic.
Is there any way to sort this out without having to disable the entire rule?

I saw this: Disable WAF for Cloudflare Access Authorized Zone - #3 by OliverGrant but in our case it’s a WAF block, captchas would not bother us at all.

Firewall Rules should let you set a “Bypass WAF” for that URL(s).

1 Like

I think that I’d rather if the entire subdomain was whitelisted from waf in this case, I couldn’t find anything that refers to the subdomain so I ended up doing:

(http.host contains "my_subdomain")

For a subdomain, you can make it an Equal:
(http.host eq "drive.EXAMPLE.org"

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.