Problems with Cloudflare's WAF When Using AWS Elastic Beanstalk for a PHP Application

51 views Asked by At

Problem Description

Hello, I'm facing an issue related to the WAF configuration in Cloudflare when my PHP application on AWS Elastic Beanstalk tries to make calls to a specific endpoint. I am using Elastic Beanstalk on AWS and have moved my DNS configuration to Cloudflare.


Current Configuration

  1. PHP application on AWS Elastic Beanstalk: mysite.mydomain.com
  2. Internal endpoints, such as: mysite.mydomain.com/loginValidation.php
  3. Dynamic public IP of the EC2 machine: 18.X.X.34
  4. Elastic Load Balancer (ELB) in AWS pointing to the EC2 machine
  5. DNS configuration in Cloudflare with a CNAME pointing to ELB: mysite --> awseb-AWSEB-XXXXXXX.eu-central-1.elb.amazonaws.com

Everything is working as expected so far.


The Issue

When my application tries to access the endpoint mysite.mydomain.com/loginValidation.php, Cloudflare's WAF blocks the request, showing the following details in the firewall:

  • IP Address: 18.X.X.34 (IP of the EC2 machine)
  • Country: "Country of AWS region"
  • Action: Blocked

What I've Tried

I've tried to solve this problem by temporarily allowing the dynamic public IP 18.X.X.34 in Cloudflare's WAF, but this is just a temporary fix.


Question

How can I correctly configure Cloudflare so that it does not block internal calls made from my own domain or load balancer in AWS Elastic Beanstalk? Or even make changes on my code when calling loginValidation.php ?


Thanks

Thank you very much for taking the time to read through my issue and provide any guidance.

0

There are 0 answers