Why Cloudflare rule order matters? (brzozowski.io)
66 points by redfr0g 4 days ago | 5 comments
flarite 4 days ago
Interesting, I never really knew setting Action to "Managed challenge" would be equivalent to skipping all the remaining rules and this is coming from someone who is managing multiple Enterprise Cloudflare accounts for the past couple of years. Thanks.
goalieca 1 day ago
The Cloudflare UX / dashboard / Terraform docs are lacking in precision. I've tried to clarify on a few occasions with customer support and gotten different (very incorrect) answers from different staff. Added bonus is that the chat for support is broken (at least on Firefox).
da02 1 day ago
What is the most stressful part of your job? Crazy customers or CEOs?
PedroBatista 1 day ago
I would say customers, but have you met the guy or read his shenanigans on the news or grapevine? Jesus f’ing Christ what a “peach”..
r_lee 1 day ago
please explain for the non-Flarers or whatever?
PedroBatista 1 day ago
A more mainstream group of situations: https://share.google/aimode/Y1PvDiPSLkcZxC00o

plus all the times he has been a crybaby and demanding special treatment when it comes to flying and everything related to his private jet for some reason.

He's not unique and probably not the Antichrist, just in the group of turbo-assholes. This post was made in the context of this chain.

r_lee 1 day ago
hmm, I was expecting something more interesting.

I'm aware of him flipping back n forth on hosting controversial websites and such, but I've had the impression that the guy is quite chill.

haven't heard of anything regarding the private jet though

yellow_lead 1 day ago
It's a failing on the part of Cloudflare to have used rules so many times and not realize this important detail.

It's not expressed anywhere in the UI, so at some point someone really just said "well the user will figure it out."

John23832 1 day ago
I like Cloudflare's products, though their vibe for all of their documentation is "well the user will figure it out."
bivlked 1 day ago
ran into this with UFW + Cloudflare on a VPS. had a rule in UFW that should have been denying a range, but Cloudflare was proxying the request so UFW saw Cloudflare's IP instead of the client's. took me way too long to figure out.

the "first match wins" vs "most specific wins" difference between systems is brutal when you're debugging at 2am.

weird-eye-issue 1 day ago
> In other way this seems to be intended behavior even though Cloudflare dashboard is straight lying to you by saying that Block rule will execute after Challenge action:

> Above statement is not true, as the rule will never be evaluated after “Force bot detection” rule.

Actually what you are saying is not true because the rule is evaluated after your previous rule just like it says, only as long as it was not a terminating action which is documented. Just because you created two conflicting rules in the incorrect order does not mean that their UI text is incorrect or lying to you.

redfr0g 1 day ago
I think "as long as it was not a terminating action" is crucial here. The way the Cloudflare dashboard is designed right now may put you in a false sense of security by implying that all rules will be evaluated one after another. In my opinion, they could do a better job UI-wise of highlighting that a terminating action will result in skipping all subsequent rules.
philipallstar 1 day ago
The dashboard is lying, though. Just because somewhere else there are some words saying that this won't work doesn't mean the dashboard is telling the truth.