AI intelligent summary
GPT
The article discusses a sudden spike in Cloudflare's 4xx error rate, which was traced back to recent changes in the WAF (Web Application Firewall) configuration. The investigation involved analyzing error trends and reviewing recent website changes to identify the cause of the issue.
Recently a phenomenon was discovered in the Cloudflare backend: The 4xx error rate suddenly shot up to the sky, even exceeding 30%. The first reaction is not the site where the problem, the results of a check of statistics, found that the data does not have any problems, continue to dig deeper, found that the recent configuration of the WAF (Web Application Firewall) to do things. Today, we will record and talk about the problem in the end, how to solve.
investigation process
Analyzing error trends
- Confirming when the problem occurs at Cloudflare The
- Analyze source server logs for related issues
However, after analyzing the source server, there is no relevant problem
- Viewing site analytics data. Side-by-side confirmation of the existence of relevant problems
There's nothing unusual about the statistics.
Review and check for recent website changes
- code change
- Change of source station
- CDN Changes
- WAF Changes
Confirmation is that a WAF rule with a larger detection range was recently configured.
Cloudflare WAF Configuration Causes 4xx Error Spikes
The 4xx code is usually an error response to specify a problem on the client side, possibly a network problem. For example, the most common 404 is the page does not exist, while 403 is "forbidden access". WAF is really powerful, can help us block a lot of malicious traffic, such as automated crawlers, website scanning and so on.
It happens to us all the time. Adjusted Cloudflare security settings such as WAF of the time. Because Cloudflare Security Products will trigger 403 Response belongs to 4xx code
The reason for this spike in the error rate is because Newly configured WAF rules, which blocked many automated programs and crawler requests. As a result, the 4xx error rate went through the roof!
method settle an issue
- Analyzing WAF Rules
- Don't be too harsh: First, let's see which rules have a higher number of intercepts. Check logs to analyze for false positives
- utilization trace carry out a test : Simulate HTTP requests to understand the impact of Cloudflare configuration.
- Logging with skip rules
Setting up a must trigger of the WAF rule and set it to skip. Skipping an unimportant WAF component The logging is implemented in a way that it is not a problem.
Not at the moment
WAF is really a good thing, and it saves us a lot of work when used well, but it can also trigger other data anomalies.
Carefully analyzing and thinking about recent changes is the fastest way to solve problems. I hope this article has given you some ideas, don't let the spike in 4xx errors overwhelm you, keeping your website running smoothly is the way to go!
Main Reference Not available
acceptable become a member Telegram's Little Warehouse of Seven Rows | Internet Memories | Blogs cap Seven lines Technical Exchange Group Find more tips oh 🥰 and also discuss various issues in the chat group ❓
Welcome to the Bottom comment section. Share your thoughts and experiences with Let's discuss and improve together!
- Author:Qi Xing
- URL:https://blog.qixing1217.top/article/cloudflare-4xx-error-rate-surge-maybe-waf-culprit
- Copyright:All articles in this blog, except for special statements, adopt BY-NC-SA agreement. Please indicate the source!
