Skip to content
Logs
Visit Logs on GitHub
Set theme to dark (⇧+D)

Firewall fields

The Firewall fields contain rules to block requests that contain specific types of content.

FirewallMatchesActions

ValueActionDescription
unknownUnknownTake no other action
allowAllowBypass all subsequent rules
blockDropBlock with an HTTP 403 response
challengeChallenge DropIssue a CAPTCHA challenge
jschallengeChallenge DropIssue a JS challenge
logLogTake no action other than logging the event
connectionCloseCloseClose connection
challengeSolvedAllowAllow once CAPTCHA challenge solved
challengeFailedDropBlock following invalid CAPTCHA solve attempt
challengeBypassedAllowCAPTCHA challenge not issued because visitor had previously passed a CAPTCHA challenge
jschallengeSolvedAllowAllow once JS challenge solved
jschallengeFailedDropDrop if JS challenge failed
jschallengeBypassedAllowJS challenge not issued because the visitor had previously passed a JS or CAPTCHA challenge
bypassAllowBypass all subsequent firewall rules
managedChallengeChallenge DropIssue managed challenge
managedChallengeSkippedAllowSkip managed challenge and allow
managedChallengeNonInteractiveSolvedAllowAllow once the managed challenge is solved via non-interactive interstitial page
managedChallengeInteractiveSolvedAllowAllow once the managed challenged is solved via interactive interstitial page
managedChallengeBypassedAllowChallenge was not presented because visitor had clearance from previous challenge

FirewallMatchesSources

ValueDescription
unknownUsed if an event is received from a new source but the logging system has not been updated
asnAllow or block based on autonomous system number
countryAllow or block based on country
ipAllow or block based on IP address
ipRangeAllow or block based on range of IP addresses
securityLevelAllow or block based on requester's security level
zoneLockdownRestrict all access to a specific zone
wafAllow or block based on the WAF product settings. This is the WAF/managed rules system that is being phased out.
firewallRulesAllow or block based on a zone's firewall rules configuration
uaBlockAllow or block based on the Cloudflare User Agent Blocking product settings
rateLimitAllow or block based on a rate limiting rule, whether set by you or by Cloudflare
bicAllow or block based on the Browser Integrity Check product settings
hotAllow or block based on the Hotlink Protection product settings
l7ddosAllow or block based on the L7 DDoS product settings
validationAllow or block based on a request that is invalid (cannot be customized)
botFightAllow or block based on the Bot Fight Mode (classic) product settings
botManagementAllow or block based on the Bot Management product settings
dlpAllow or block based on the Data Loss Prevention product settings
firewallManagedAllow or block based on the Firewall Managed Rules product settings
firewallCustomAllow or block based on a rule configured in the Firewall Custom Rulesets