Some Cloudflare restrictions might hinder your Markup experience. This guide will review these restrictions and how to resolve them.
Configurations that trigger challenges
Two areas of Cloudflare configuration can result in a challenge to MarkUp proxy:
In Security > Bots, a user can turn on “Bot Fight Mode” (free product) or “Super Bot Fight Mode”. Cloudflare classifies proxy requests as “Likely automated”, so if these settings are set to challenge anything “likely automated” then it will trigger.
In Security > WAF, various Custom, Rate Limiting, or Managed Rules can trigger challenges.
Note: The Cloudflare “Managed Rules” (Cloudflare Managed Ruleset, Cloudflare OWASP Core Ruleset, and Cloudflare Leaked Credentials Check) do NOT seem to trigger a challenge for proxy.
Most challenges are likely stemming from one of the Bot Fight Modes, but some custom WAF rules may be as well.
Solution
These steps should solve the issue for most or all configurations:
Go to Security > WAF
Click the button “+ Create Rule” button.
In “Rule name”, enter
Allow MarkUp.Click “Edit expression”, and then paste this into the edit field:
(ip.src in {34.229.37.143 34.229.37.212 34.229.37.152})Under the “Choose action” dropdown, select
SkipCheck the boxes:
All remaining custom rulesandAll Super Bot Fight Mode RulesIf the “Select order” dropdown is present, select
FirstClick the “Deploy” button.
Notes
Rarely, you may need to try checking more boxes in step 6, it should be pretty secure because the rule only applies to our proxy IPs
If you're using the free “Bot Fight Mode” (as opposed to Super Bot Fight Mode), it cannot be skipped with custom rules