Interesting, I never really knew setting Action to "Managed challenge" would be equivalent to skipping all the remaining rules and this is coming from someone who is managing multiple Enterprise Cloudflare accounts for the past couple of years. Thanks.
The cloudflare UX / dashboard / terraform docs are lacking in precision. I've tried to clarify on a few occasions with customer support and gotten different (very incorrect) answers from different staff. Added bonus is that the chat for support is broken (at least on firefox).
ran into this with UFW + Cloudflare on a VPS. had a rule in UFW that should have been denying a range, but Cloudflare was proxying the request so UFW saw Cloudflare's IP instead of the client's. took me way too long to figure out.
the "first match wins" vs "most specific wins" difference between systems is brutal when you're debugging at 2am.
> In other way this seems to be intended behavior even though Cloudflare dashboard is straight lying to you by saying that Block rule will execute after Challenge action:
> Above statement is not true, as the rule will never be evaluated after “Force bot detection” rule.
Actually what you are saying is not true because the rule is evaluated after your previous rule just like it says, only as long as it was not a terminating action which is documented. Just because you created two conflicting rules in the incorrect order does not mean that their UI text is incorrect or lying to you.
13 comments
It's not expressed anywhere in the UI, so at some point someone really just said "well the user will figure it out."
the "first match wins" vs "most specific wins" difference between systems is brutal when you're debugging at 2am.
> In other way this seems to be intended behavior even though Cloudflare dashboard is straight lying to you by saying that Block rule will execute after Challenge action:
> Above statement is not true, as the rule will never be evaluated after “Force bot detection” rule.
Actually what you are saying is not true because the rule is evaluated after your previous rule just like it says, only as long as it was not a terminating action which is documented. Just because you created two conflicting rules in the incorrect order does not mean that their UI text is incorrect or lying to you.