search cancel

Monitors failing with 403 errors when the site uses Cloudflare CDN


Article ID: 229674


Updated On:


CA App Synthetic Monitor


We have recently migrated some of our domains to use Cloudflare's CDN. Our monitors in App Synthetic Monitor are now failing due being blocked by Cloudflare's Bot Management challenges.

Is there any way we can set some specific text in a custom 'Referer' Header so we can whitelist these hits to our domains?


Release :

Component :


The Server response in the ASM monitor log shows the 403 is coming from Cloudflare

HTTP/1.1 403 Forbidden
Date: Wed, 01 Dec 2021 16:34:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Expect-CT: max-age=604800, report-uri=""
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b6db964a984665d-MAD
Content-Encoding: gzip

<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->

<title>Attention Required! | Cloudflare</title>

<meta name="captcha-bypass" id="captcha-bypass" />
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1" />


Customer referrer was set in the Custom HTTP request header in the advanced section of the HTTP/HTTPS monitor configuration