All Collections
External vulnerability scanning
How do I add Intruder's IPs to my allowlist in Cloudflare?
How do I add Intruder's IPs to my allowlist in Cloudflare?

Allowlisting in Cloudflare isn't totally straightforward. Here's how to get around their restrictions on IP Access Rules.

Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

Allowlisting in Cloudflare will allow the scanner to detect weaknesses lying underneath the WAF, so you can execute a 'defence in depth' security strategy, and put in place measures that would prevent successful exploitation, even where the WAF fails or can be bypassed by an attacker.

Cloudflare's WAF provides two ways to allowlist security scanners:

  • 'IP Access Rules' (within the Tools tab) – which cannot be used to allowlist Intruder's scanning ranges.

  • 'Custom Rules' – which can be used and is explained below.

Adding the WAF Custom Rule

To get started, we need to browse to the WAF page and click on the Custom Rules tab

  1. Click 'Create a Firewall Rule', and give it a recognisable name

  2. Using the 'Field' dropdown, select 'IP Source Address' and under the Operator field, select 'is in'

  3. In the 'Value' field, add the relevant Intruder scanning ranges and IPs.

  4. Under 'Choose an action', select 'Skip', tick all the WAF Components listed, then click the 'More components to skip' button and skip the remaining components

  5. When finished, click 'Deploy'.

Intruder's scanners will now be able to scan your Cloudflare-protected hosts, without scan interference.

Starting from 28th February 2023, Cloudflare began a phased rollout of a new Firewall rule policy. If you configured your allowlisting before this date to use two rules (an Allow and a Bypass rule) then this should have now been converted by Cloudlflare into one Skip rule.

Did this answer your question?