This endpoint is managed and served by Cloudflare. It cannot be modified or customized. The endpoint is not used by every Cloudflare product, but you may find some products use the endpoint in its URL.
A few examples include (but are not limited to):
- used by Cloudflare bot products (
- for a website proxied through Cloudflare (
- in the new URLs you would use for images (
- used to hide email addresses from malicious bots (
Exclude from security scanners
Some scanners may display an error because certain
/cdn-cgi/ endpoints do not have an applied to it or for similar reasons. Because the endpoint is managed by Cloudflare, you can ignore the error and do not need to worry about it.
To prevent scanner errors, omit the
/cdn-cgi/ endpoint from your security scans.
Disallow using robots.txt
/cdn-cgi/ also can cause issues with various web crawlers.
SEO and other web crawlers may also mistakenly crawl these endpoints, thinking that they are part of your site’s content.
As a best practice, update your
robots.txt file to include