Why does it check browser before accessing?

Why do we get this message for the front end of our site? We see it frequently for WPAdmin links, but not the front end. Delays the load for the first time.
https://nhmres.com

This process is automatic. Your browser will redirect to your requested content shortly.

Please allow up to 5 seconds…

Redirecting…

DDoS protection by Cloudflare
Ray ID: 71ee7e864c4c02bc

We are not in “under attack mode”,
We have no firewall rules.
SSL/TLS - Full
In Network all are checked:
https/2, http/2 to origin
http/3 (with QUIC)
0-RTT Connection Rsumption is NOT checked.
IPv6 compatibility, Web sockets and Onion Routing is checked
I’ve tried in incognito in Chrome. Same thing.
Firefox - same thing.

I see it in the frontend aswell.

This happens if you have JS Challenge on. It also can be triggered by having the Firewall in a sensitive mode. For the frontend I would recommend setting it to “Essentially off” and disable JS Challende.

Change the Firewall settings here: https://dash.cloudflare.com/?to=/:account/:zone/firewall/settings

For the backend ‘/wp-admin*’ this should be fine, as security outweighs TTFB.

Thank you.
Found essentially off.
But, I’m not seeing how to disable the JS Challenge in the same area. Disable isn’t an option in Challenge Passage.
We have no firewall settings in here - sensitive or otherwise.

Can you please check, if a PageRule activates any of the security settings?

1 Like