I have the Cloudflare WAF setup on the domain of my nextcloud server, but seems to not be working. I blocked my public IP and am still able to access everything fine.
Could you share a screenshot of the Firewall Rule you’ve created?
And the domain is proxied ?
Hmm, do you have any Firewall Rules where the action is
Allow? Rules are applied in order so another rule with action
Allow could result in this one being skipped.
My rules are as follows:
Allow my IP
Challenge Medium Threat Score
Block Bots + high threat score
Block all county’s besides US
For the testing, I changed the allow part of the “My IP” rule to block so there were not allows.
May I ask is the Cloudflare IP or your public IP returned on the origin host or a server side, better to say on the Nextcloud?
Possible issue with a cache options, maybe?
Nevertheless, is Cloudflare allowed to connect to your origin host/server?
May I ask do you pay for some Cloud Nextcloud instance, or self-host it?
Furthermore, may I just add a note as far as depending on the Cloudflare plan which you are using for your domain name, there is a limit for the upload while using proxied hostname where your Nextcloud is installed (if using web interface for uploading large files):
Cloudflare limits the upload size (HTTP POST request size) per plan type:
- 100MB Free and Pro
- 200MB Business
- 500MB Enterprise by default. Contact Customer Support to request a limit increase.
Looks like the clearing Cloudflare’s cache did it. Why did that work though? Local cache had been cleared and had to go to Cloudflare. Since Cloudflare was still severing the traffic, shouldn’t it still have followed the WAF?
If so, may I also ask are you using any custom
Page Rules, or better to ask could you re-check which
values have you got selected for the
Caching Level and
Browser Cache options at Cloudflare dashboard for your domain?
I have no page rules, the caching level is standard, and the TTL is 4 Hours
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.