WAF for pro plan and a website

It seems to indicate in Cloudflare documentation that a proxied website cannot take advantage of Super bot fight mode:
“Currently mTLS for Workers cannot be used for requests made to a service that is a proxied zone on Cloudflare. If your Worker presents a client certificate to a service proxied by Cloudflare, Cloudflare will return a 520 error.”
I am under BOT attacks from Amazonbot and can’t figure out how to avoid this. Thank you. What does WAF mean?

I am able to select to enable a selection for static resource protection. Is that advisable? --it says it could block good traffic. I need to block a lot of pages, particularly the Registration and Login page.

1 Like

Hi @daycomm

mTLS is completely separate from Super Bot Fight Mode. You can enable Super Bot Fight mode for your account by following this documentation → Get started with Super Bot Fight Mode (Pro) · Cloudflare bot solutions docs

You can also use the Web Application Firewall (WAF) to create rate limiting rules to rate limit Amazonbot → Rate limiting rules · Cloudflare Web Application Firewall (WAF) docs

Thank you very much

A post was split to a new topic: Wallet blocked