If your site is behind Cloudflare, you can whitelist either our User Agent we use for all our checks (Uptime, Broken Links, Lighthouse, Sitemap etc.) or whitelist our static set of IP addresses to bypass any WAF protection rules.
Add Oh Dear static IPs as a list
In Cloudflare, you can make lists of objects, including IP addresses. We'll import the Oh Dear static IPs first, so we can use this list later on as a Cloudflare rule.
From within your Cloudflare Dashboard, use the left-hand menu and head over to Manage Account > Settings > Lists and click Create List.
Give your new list a name, such as oh_dear_static_ip_addresses, and choose IP as the type of list. Click create.
To add items, you can choose the option Upload CSV and use the content from our our plain text list of IP addresses. Save that page as a .csv and reference that file in the upload section. That'll pre-populate the IPs in the Cloudflare form.
Hit save to save your input.
Per-domain whitelisting
If your Cloudflare has multiple domains, head over to the domain you want to whitelist this for within your Cloudflare Dashboard. The sections below are on a per-domain basis, so you can choose to implement these rules on some or all of your sites.
Security Settings
Now let's configure the actual Cloudflare rule.
Navigate to Security > Security rules in the left-hand menu and click +Create Rule to make a new Custom Rule.
In the section When incoming requests match…, choose:
- User-Agent, let it match a wildcard of OhDear.app*
- IP Source Address, let it match is in list and reference the IP list you created earlier
The expression will eventually look like this:
(http.user_agent wildcard r"OhDear.app*" and ip.src in $oh_dear_static_ip_addresses)
At the bottom of the page, select what these criteria would do in the Then take action… section and choose Skip. Select all the rules below that should be skipped.
After this, Oh Dear should be fully whitelisted on Cloudflare.