You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/logs/reference/log-fields/zone/http_requests.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -481,7 +481,7 @@ Action of the security rule that triggered a terminating action, if any.
481
481
482
482
Type: `array[string]`
483
483
484
-
Array of actions the Cloudflare security products performed on this request. The individual security products associated with this action be found in SecuritySources and their respective rule Ids can be found in SecurityRuleIDs. The length of the array is the same as SecurityRuleIDs and SecuritySources. <br />Possible actions are <em>unknown</em> \| <em>allow</em> \| <em>block</em> \| <em>challenge</em> \| <em>jschallenge</em> \| <em>log</em> \| <em>connectionClose</em> \| <em>challengeSolved</em> \| <em>challengeFailed</em> \| <em>challengeBypassed</em> \| <em>jschallengeSolved</em> \| <em>jschallengeFailed</em> \| <em>jschallengeBypassed</em> \| <em>bypass</em> \| <em>managedChallenge</em> \| <em>managedChallengeSkipped</em> \| <em>managedChallengeNonInteractiveSolved</em> \| <em>managedChallengeInteractiveSolved</em> \| <em>managedChallengeBypassed</em> \| <em>rewrite</em> \| <em>forceConnectionClose</em> \| <em>skip</em> \| <em>managedChallengeFailed</em>.
484
+
Array of actions the Cloudflare security products performed on this request. The individual security products associated with this action be found in SecuritySources and their respective rule Ids can be found in SecurityRuleIDs. The length of the array is the same as SecurityRuleIDs and SecuritySources. <br />Possible actions are <em>unknown</em> \| <em>allow</em> \| <em>block</em> \| <em>challenge</em> \| <em>jschallenge</em> \| <em>log</em> \| <em>connectionClose</em> \| <em>challengeSolved</em> \| <em>challengeBypassed</em> \| <em>jschallengeSolved</em> \| <em>jschallengeBypassed</em> \| <em>bypass</em> \| <em>managedChallenge</em> \| <em>managedChallengeNonInteractiveSolved</em> \| <em>managedChallengeInteractiveSolved</em> \| <em>managedChallengeBypassed</em> \| <em>rewrite</em> \| <em>forceConnectionClose</em> \| <em>skip</em>.
Copy file name to clipboardExpand all lines: src/content/docs/logs/reference/security-fields.mdx
-3Lines changed: 0 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,10 +22,8 @@ The Security fields contain rules to block requests that contain specific types
22
22
|`log`| Log | Take no action other than logging the event. |
23
23
|`connectionClose`| Close | Close connection. |
24
24
|`challengeSolved`| Allow | Allow once interactive challenge solved. |
25
-
|`challengeFailed`| Drop | Block following invalid interactive challenge solve attempt. |
26
25
|`challengeBypassed`| Allow | Interactive challenge is not issued again because the visitor had previously passed an interactive challenge and a valid `cf_clearance` cookie is present. |
27
26
|`jschallengeSolved`| Allow | Allow once JS challenge solved. |
28
-
|`jschallengeFailed`| Drop | Drop if JS challenge failed. |
29
27
|`jschallengeBypassed`| Allow | JS challenge not issued because the visitor had previously passed a JS or interactive challenge. |
30
28
|`bypass`| Allow | Bypass all subsequent firewall rules. |
31
29
|`managedChallenge`| Challenge Drop | Issue managed challenge. |
@@ -61,4 +59,3 @@ The Security fields contain rules to block requests that contain specific types
61
59
|`dlp`| Allow or block based on the Data Loss Prevention product settings. |
62
60
|`firewallManaged`| Allow or block based on WAF Managed Rules' settings. |
63
61
|`firewallCustom`| Allow or block based on a rule configured in WAF custom rules. |
Copy file name to clipboardExpand all lines: src/content/docs/waf/troubleshooting/faq.mdx
+5-9Lines changed: 5 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -163,13 +163,7 @@ Previously, unless you customize your front-end application, any AJAX request th
163
163
164
164
Now, you can [opt-in to Turnstile’s Pre-Clearance cookies](/turnstile/concepts/pre-clearance-support/). This allows you to issue a challenge early in your web application flow and pre-clear users to interact with sensitive APIs. Clearance cookies issued by a Turnstile widget are automatically applied to the Cloudflare zone that the Turnstile widget is embedded on, with no configuration necessary. The duration of the clearance cookie’s validity is controlled by the zone-specific configurable [Challenge Passage](/waf/tools/challenge-passage/) security setting.
165
165
166
-
### Does the challengeFailed action accurately represent challenges that users did not pass?
167
-
168
-
No. The `challengeFailed` and `jschallengeFailed` firewall rule actions account for observed requests that, under special circumstances, did not pass a challenge. However, some failed challenges cannot be traced back to a firewall rule. Additionally, Cloudflare Firewall Rules may not have a record of every request with a failed challenge.
169
-
170
-
Therefore, consider these actions with caution. A reliable indicator is the [Challenge Solve Rate (CSR)](/bots/concepts/challenge-solve-rate/) displayed in **Security** > **WAF** > **Firewall rules**, which is calculated as follows: `number of challenges solved / number of challenges issued`.
171
-
172
-
### Why would I not find any failed challenges? Why is ChallengeIssued not equal to ChallengeSolved plus ChallengeFailed?
166
+
### Why would I not find any failed challenges?
173
167
174
168
Users do not complete all challenges. Cloudflare issues challenges that are never answered — only 2-3% of all served challenges are usually answered.
175
169
@@ -180,10 +174,12 @@ There are multiple reasons for this:
180
174
- Users keep refreshing the challenge, but never submit an answer.
181
175
- Cloudflare receives a malformed challenge answer.
182
176
177
+
You can calculated the number of failed challenges as follows: `number of challenges issued - number of challenges solved`.
178
+
183
179
### Why do I have matches for a firewall rule that was not supposed to match the request?
184
180
185
181
Make sure you are looking at the correct request.
186
182
187
-
Only requests that triggered a challenge will match the request parameters of the rule. Subsequent requests with a `[js]challengeSolved`or `[js]challengeFailed`action may not match the parameters of the rule — for example, the bot score may have changed because the user solved a challenge.
183
+
Only requests that triggered a challenge will match the request parameters of the rule. Subsequent requests with a `[js]challengeSolved` action may not match the parameters of the rule — for example, the bot score may have changed because the user solved a challenge.
188
184
189
-
The "solved" and "failed" actions are informative actions about a previous request that matched a rule. These actions state that "previously a rule had matched a request with the action set to _Interactive Challenge_ or _JS Challenge_ and now that challenge was answered."
185
+
The "solved" action is an informative action about a previous request that matched a rule. This action states that "previously a rule had matched a request with the action set to _Interactive Challenge_ or _JS Challenge_ and now that challenge was answered."
0 commit comments