CloudFlare Firewall Blocking Requests?

  • Hi there,

    The plugin seems to be working great, but I’ve noticed a huge spike in CloudFlare Firewall Events since enabling.

    Ray ID: 5dfab1a2c1eb0e5a
    Method: PUT
    HTTP Version: HTTP/1.1
    Host: cloudflarestorage.com
    Path: /v7/b/-yb0bIj8H0Q2gNHQhQIEUV5T_r19mx5JsNDFtBrUDTA/worker/k/15955126:startupbros.com%2F
    Query string: ?urlencoded=true&expiration_ttl=2592000
    User agent: Empty user agent
    IP address: 2a06:98c0:3600::103
    WAF Rule ID: 100173
    Rule message: XSS, HTML Injection – Script Tag
    Rule group: Cloudflare Specials
    Action taken: Block

    I had none of these before enabling the plugin, and now I have 12,000 in the first 12-hours since enabling…

    Are these requests related to this plugin? I’m afraid requests are being blocked, or something is going wrong with CloudFlare caching the HTML (though it seems to be working).

    Thanks so much for the great plugin,
    Will

Viewing 1 replies (of 1 total)
  • Plugin Contributor iSaumya

    (@isaumya)

    Hi @willmitchell,
    I use WAF on my site along with many of my client’s sites are also using WAF while using this plugin. None of those websites has this WAF blocking. So, here are my thoughts on this matter:
    1. Looking at the path and query-string, I can confidently say that this is not our plugin or any way related to this plugin. Seems like some sort of API endpoint URL structure.
    2. This WAF blocking has nothing to do with this plugin. I think this is a pure coincidence that when you enabled the plugin at the safe time you received these attacks.
    3. Moreover these attacks are already being blocked by Cloudflare, so you don’t have to worry about it. This plugin is not using any such request and especially not PUT request.

Viewing 1 replies (of 1 total)
  • The topic ‘CloudFlare Firewall Blocking Requests?’ is closed to new replies.