I had trouble connecting to a Misskey server. More specifically, their requests to my Mastodon server were delivered correctly, but requests from my server did not reach the Misskey server.
As we troubleshoot together (that was sort of fun), it turned out
that their Cloudflare rejected requests with
User-Agent: Mastodon/*. That was why he could not receive
my posts on their side.
He used Cloudflare’s Bot Fight Mode
It automatically identifies bot traffic on a registered domain and rejects bot-like traffic.
Mastodon servers (or other Fediverse servers) send requests through background jobs, and the Fediverse has also experienced attacks from bots. Because of this, it makes sense that Cloudflare might interpret traffic from Mastodon as bot traffic.
You cannot bypass or skip Bot Fight Mode using the Skip action in WAF custom rules or using Page Rules. Skip, Bypass, and Allow actions apply to rules or rulesets running on the Ruleset Engine. While Super Bot Fight Mode rules are implemented in the Ruleset Engine, Bot Fight Mode checks are not. This is why you can skip Super Bot Fight Mode, but not Bot Fight Mode. If you need to skip Bot Fight Mode, consider using Super Bot Fight Mode.
Bot Fight Mode can still trigger if you have IP Access rules, but it cannot trigger if an IP Access rule matches the request. For example, the IP Access rule matches the connecting IP.
We have three options available. The first is to pay extra for “Super Bot Fight Mode,” the paid version of “Bot Fight Mode,” which allows setting nuanced rules. The second option is to manually whitelist the IP addreses of Mastodon servers, but it isn’t scalable for handling every Mastodon server we need to communicate with.
The option we chose? Just turn off Bot Fight Mode! Whilte this might allow some bot traffic, it saves money and avoids the hassle of setting complex rules.
162.4 lb
Fujitas 35 g Protein bar 15 g Seafood salad 30 g Chicken nuggets 20 g Protein shake 40 g Protein mocha latte 20 g Donut 0 g
total protein -> 160 g (>= 140)