I have a Cloudflare Security Rule to skip security on my public legal pages, but Cloudflare still injects the JS challenge script on those URLs. I can't access the page as a Google/Apple bot.
Rule:
- Match: http.request.uri.path contains "/legal/"
- Action: Skip
- Order: first
Skipped components:
- custom rules
- managed rules
- rate limiting
- super bot fight mode
- browser integrity check
- security level
- user agent blocking
- previous-version managed/rate-limit products
I also turned Bot Fight Mode off.
But /legal/privacy still returns HTML containing:
- /cdn-cgi/challenge-platform/scripts/jsd/main.js
The page is public and should be accessible to Apple App Review and Google Play privacy-policy validators without any challenge.
Questions:
- What Cloudflare feature can still inject challenge-platform/scripts/jsd/main.js even when a matching skip rule is first and Bot Fight Mode is off?
- Is JS Detections controlled somewhere outside Security Rules / Bot Fight Mode?
- How do I fully exempt /legal/* from challenge/JS detection?
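
One way to tell a response that was actually challenged apart from one where the page was served with the script reference in it, as an added example that is not part of the original post. It assumes Cloudflare's documented `cf-mitigated: challenge` response header marks challenge pages; the `marker` parameter and the sample responses are constructed for illustration.

```python
import re

# Script path quoted in the post; the regex finds any challenge-platform asset.
JSD_SCRIPT = "/cdn-cgi/challenge-platform/scripts/jsd/main.js"
CP_REF = re.compile(r"/cdn-cgi/challenge-platform/[^\"'\s>]+")

def classify(status, headers, body, marker):
    """Return (verdict, refs) for one response.
    marker: text only the real page contains (hypothetical parameter)."""
    hdrs = {k.lower(): v.strip().lower() for k, v in headers.items()}
    refs = sorted(set(CP_REF.findall(body)))
    has_jsd = any(r.startswith(JSD_SCRIPT) for r in refs)
    if hdrs.get("cf-mitigated") == "challenge":
        verdict = "challenged"            # interstitial replaced the page
    elif status != 200 or marker not in body:
        verdict = "unknown"               # no challenge header, no page content
    elif has_jsd:
        verdict = "served_with_injected_script"
    else:
        verdict = "served_clean"
    return verdict, refs

# Constructed sample responses (not captured traffic).
SAMPLES = {
    "content_plus_script": (200, {"Content-Type": "text/html"},
        "<h1>Privacy Policy</h1><script>var s=document.createElement('script');"
        "s.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';</script>"),
    "interstitial": (403, {"CF-Mitigated": "challenge"},
        "<title>Just a moment...</title>"
        "<script src=\"/cdn-cgi/challenge-platform/PLACEHOLDER\"></script>"),
    "clean": (200, {"Content-Type": "text/html"}, "<h1>Privacy Policy</h1>"),
}

def classify_samples(marker="Privacy Policy"):
    """Verdict per constructed sample, keyed by sample name."""
    return {name: classify(s, h, b, marker)[0]
            for name, (s, h, b) in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(f"{name}: {verdict}")
```

Pass it the status, headers and body from a fetch of /legal/privacy to see which of the cases a given response falls into.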