Cloudflare WAF blocking custom SQL

JoshBridgement · November 10, 2021, 2:37pm

Expected behavior

Charts that use a Custom SQL data source should not trigger basic generic security layers such as Cloudflare WAF. Sending the raw SQL as the payload seems to have this effect

Actual behavior

Cloudflare WAF and similar services (including Sqreen) will automatically block the request with a HTTP 403

Context

We imagine Custom SQL is a popular feature and considering how widespread security tools like cloudflare are, we were wondering if there is a recommended approach to this problem

jeffladiray · November 10, 2021, 2:46pm

Hey @JoshBridgement

Indeed, we have a few issues with Cloudflare WAF services.
If you have on hand the list of WAF rules triggered, may I ask you to share these here or as DM?
(That is useful for us, since Custom SQL aren’t the only source of issues we encounter with Cloudflare)

Sadly, the only workaround we’ve found so far is to either disable the WAF services on specific routes or on the whole /forest namespace.

JoshBridgement · November 10, 2021, 2:50pm

Thanks - I have sent you a list of the affected WAF services

Topic		Replies	Views
Forest Admin IP Addresses to Whitelist Help me! setup , datasource	5	340	April 12, 2023
Request rejected (403) because of Unauthorized IP in Production Help me!	5	75	July 19, 2024
CIDR Block(s) for admin request Help me!	13	211	March 15, 2023
How to handle RLS Help me!	1	226	June 1, 2023
Segment crashes depending on filter Help me!	14	517	March 1, 2021

Cloudflare WAF blocking custom SQL

Expected behavior

Actual behavior

Context

Related topics