
Cloudflare's challenge is blocking website permanently

I already set the security level of Cloudflare to essentially off and also cleared the browser cache. I still always see a challenge page if I try to post comments or update posts. The problem is that the challenge breaks the save process of the content, so I can insert it again only to see the challenge again, and so on. It is not possible to post any content on my website. If there is no solution I will kick Cloudflare off again.

Security level Cloudflare

codenovae's picture

You need to do some research


I would not turn off the security of the firewall. The Cloudflare firewall has some really good and easy-to-set-up features.

You should check the matched triggers of the challenged IP. You will find this in the firewall settings of your Cloudflare account. There you can see which rules triggered the challenge. After this you can switch off exactly these triggers to eliminate the false positive triggers.

Codemaster's picture

There are 3 WAF rulesets


There are 3 different WAF rulesets. You will find the setting in the tab of Web Application Firewall. There you will find the Cloudflare Rule set and the OWASP ModSecurity Core Rule Set. The last rule set is a custom rule set.

Cloudflare Rule set and OWASP ModSecurity Core Rule Set

 

There you need to see the Rule details. If you run a CMS like Drupal you should only activate those rule sets which fit your environment.

Cloudflare rule set

For example, PHP, Drupal, and Specials rule set. Specials are recommended to be switched on anyway.

Like this, you will still see the challenge but it will not break the storage process anymore. If you do not want your users to be challenged, you need to check which rule triggered the challenge. To do that, just go to the Details of the IP which has been challenged by the firewall.

Cloudflare Challenged IP

Then check the matched triggers section. There you will find the rules which caused the trigger.

Matched trigger cloudflare

In this example the trigger is the SQL injection. You also see there that it was the OWASP rule set. So let's go to the OWASP rule settings.

OWASP rule set

If you disable the triggers with SQL your users will not be challenged anymore. On the other hand, you will miss this security-relevant protection. You need to decide. If you want to specify the triggers more precisely then you can check the advanced setting where you can find about 250 rules. Each rule comes with an ID which helps to allocate the correct ID to the matched trigger.
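
An added example, not part of the answers above: once you have copied the matched triggers of several challenged requests out of the firewall details, a small script can show which individual rule IDs are behind your own challenges and whether the same rules also matched other visitors, so you disable single rules instead of the whole SQL group. The event records, field names, IP addresses and rule IDs below are constructed for illustration and are not Cloudflare's export format.

```python
from collections import defaultdict

# Constructed sample events; field names and rule IDs are assumptions for this example.
EVENTS = [
    {"ip": "203.0.113.10", "action": "challenge", "method": "POST",
     "path": "/comment/reply/12",
     "matched": [("OWASP", "EXAMPLE-SQLI-1"), ("OWASP", "EXAMPLE-SQLI-2")]},
    {"ip": "203.0.113.10", "action": "challenge", "method": "POST",
     "path": "/node/7/edit", "matched": [("OWASP", "EXAMPLE-SQLI-1")]},
    {"ip": "198.51.100.77", "action": "challenge", "method": "GET",
     "path": "/search", "matched": [("OWASP", "EXAMPLE-SQLI-2")]},
    {"ip": "203.0.113.10", "action": "allow", "method": "GET",
     "path": "/", "matched": []},
]


def rules_behind_challenges(events, my_ip):
    """For every (rule set, rule ID) that challenged my_ip, return the hit count,
    the paths it fired on, and whether it also challenged other IPs."""
    mine = defaultdict(lambda: {"hits": 0, "paths": set()})
    others = set()
    for ev in events:
        if ev["action"] != "challenge":
            continue
        for rule in ev["matched"]:
            if ev["ip"] == my_ip:
                mine[rule]["hits"] += 1
                mine[rule]["paths"].add(ev["path"])
            else:
                others.add(rule)
    return {rule: {**info, "also_hit_other_ips": rule in others}
            for rule, info in mine.items()}


def review_order(report):
    """Rules that only matched your own traffic come first, then by hit count."""
    return sorted(report,
                  key=lambda r: (report[r]["also_hit_other_ips"], -report[r]["hits"]))


if __name__ == "__main__":
    report = rules_behind_challenges(EVENTS, "203.0.113.10")
    for rule_set, rule_id in review_order(report):
        info = report[(rule_set, rule_id)]
        print(rule_set, rule_id, info["hits"], sorted(info["paths"]),
              "also matched other IPs" if info["also_hit_other_ips"] else "own traffic only")
```

A rule that only ever matched your own save requests is the first candidate to look up by ID in the advanced settings; a rule that also matched other IPs is worth keeping until you have looked at those requests.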