Cloudflare OWASP Core Ruleset blocking legit requests
I was prompted to migrate to the managed WAF rulesets by the Security Center showing a "critical" issue for not using them. Doing so immediately blocked legitimate requests to my site, almost all requests (even without any query parameters) were being flagged by the same six rules. I turned the core ruleset off and requests started working again. What would cause a simple GET requests from a legit browser to be triggering these?
Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news
86,942Members
Resources
Similar Threads
Was this page helpful?
