Cloudflare Authentication Error

  • Resolved cousineddie

    (@cousineddie)


    1 month, 2 weeks ago

    Hi, I have ‘Push “Manually Blocked” IPs to Cloudflare and ‘Push temporary blocks (WAF, Login attempts, etc.) to Cloudflare’ checked in settings but I am seeing a number of error logs eg: ‘Cloudflare Block Failed for 43.1XX.110.104: Cloudflare Error: Authentication error’ , ‘Cloudflare Block Failed for 34.122.1XX.229: Cloudflare Error: Authentication error’ though I have created and added an API token (which verifies ok) and the Zone ID to my settings in Advanced IP Blocker?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author IniLerm

    (@inilerm)

    1 month, 2 weeks ago

    Hi @cousineddie,

    This error usually happens when the API Token is valid (so the “Verify” button turns green) but it lacks the specific permission to modify the Firewall rules for your Zone.

    Please try regenerating the token with these exact steps to ensure it has the “Write” capability:

    1. Go to Cloudflare Dashboard > My Profile > API Tokens.
    2. Click Create Token > Create Custom Token (at the bottom).
    3. Permissions: (This is the critical part)
      • Zone > Firewall Services > Edit
      • (Optional)Zone > Zone > Read
    4. Zone Resources:
      • Include > Specific zone > Select your domain.

    If you used a pre-made template (like “Edit Zone DNS” or “WordPress”), it might not have the “Firewall Services” permission enabled by default.

    Also, please double-check that the Zone ID you pasted matches exactly the one on your Cloudflare Overview page for that specific domain (sometimes users with multiple domains mix them up).

    Let me know if a fresh Custom Token solves it!

    Best regards,

    Plugin Author IniLerm

    (@inilerm)

    1 month, 2 weeks ago

    Cloudflare Permisions Settings – Advanced IP Blocker

    Plugin Author IniLerm

    (@inilerm)

    1 month, 2 weeks ago

    Recommendation to prevent JavaScript challenges from being stored in the Cloudflare cache and to ensure they function correctly:

    In your domain dashboard: Caching > Cache Rules

    Create a new rule, eg. :

    Rule name (required) -> ADVAIPBL – Challenge – Cookie

    Field: Cookie -> Operator: equals -> Value: advaipbl_js_verified

    Expression Preview -> (http.cookie eq “advaipbl_js_verified”)

    and select Bypass cache

    Plugin Author IniLerm

    (@inilerm)

    1 month, 2 weeks ago

    Why this matters:
    This is an advanced configuration, but once set up correctly, your site will be protected by a Triple-Layer Defense System:

    1. Cloud Level (Cloudflare): Blocks threats at the network edge (Zero server load).
    2. Server Level (.htaccess): Blocks threats before WordPress loads.
    3. Application Level (Plugin): Smart logic, scoring, and fingerprinting.

    Getting this Cloudflare connection right ensures that distributed attacks are stopped before they ever reach your hosting server resources.

    Plugin Author IniLerm

    (@inilerm)

    1 month, 2 weeks ago

    HOW TO SETUP CLOUD EDGE DEFENSE (CLOUDFLARE)

    Thread Starter cousineddie

    (@cousineddie)

    1 month, 2 weeks ago

    Your instructions seem to have worked a treat! Thankyou

Viewing 6 replies - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.