AutotuneWeb
Amend FAQ: Possible 403 (Forbidden) when using Cloudflare (and possibly other CDNs)
Hi!
I just tried getting AutotuneWeb to run with my Heroku hosted Nightscout but for some reason I constantly got "403 (Forbidden)" and AutotuneWeb wouldn't be able to grab the profile from the Nightscout API. After a while of troubleshooting, I actually noticed that Cloudflare, which I am routing my web based Nightscout traffic through, seemed to log unusually many 'Bot fight mode' firewall events. It looks like Cloudflare's firewall (specifically the 'Bots' module under "Security" -> "Bots" to be exact) rejects all of AutotuneWeb's requests towards the Nightscout API, therefore causing the 403.
Now, I am aware this is not an issue with AutotuneWeb in and of itself. If anyone is to blame, it is me for using Cloudflare CDN and failing to recognize it as the culprit. But I hereby suggest extending the FAQ by mentioning the possibility of "Foul play" by intermediate services like Cloudflare's bot protection. Especially because I never explicitly told Cloudflare to block requests from AutotuneWeb. It just automatically classified the request as coming from a bad bot, therefore being fraudulent.
This may or may not also apply to other CDNs, I'm not sure.
For troubleshooting these events, visit Security -> Events. You'll see a source IP (I won't list it here) being caught by "Bot fight mode".
If you trust that IP (temporarily or permanently), you can add a bypass rule. Go to Security -> WAF -> Tools. Add an IP Access Rule by putting in the IP address, Action = Allow, Zone = This Website, and click the "Add" button. The AutotuneWeb site won't be blocked any longer.