By default, Cloudflare is not API friendly including Uptime Kuma. Cloudflare may block requests from Uptime Kuma.
You need to disable or bypass "Browser Integrity Check" in Cloudflare Dashboard via one of these methods:
- (Easiest) Add your Uptime Kuma host IP address to IP Access rules as an Allowed address, optionally across every domain in your Cloudflare account
- Allow Uptime Kuma to bypass the check via WAF Custom Rules, and special header. E.g. lets add to the Kuma request header (please replace
kuma-qwerty123456
with your own random value):Now create a rule where you will bypass JS challenge if header is presented. You can also add multiple domains after{ "kumaping":"kuma-qwerty123456" }
or
E.g.and at the end of the rule JS challenge. Now challenge will be only triggered if(http.host eq "domain1" and all(http.request.headers["kumaping"][*] ne "kuma-qwerty123456")) or (http.host eq "domain2" and all(http.request.headers["kumaping"][*] ne "qwerty123456"))
kumaping
header is not presented or it has a wrong value. - Use a Configuration Rule to disable the check for your Uptime Kuma IP address
Related discussion: https://community.cloudflare.com/t/api-403-after-enabling-cloudflare/108078/6
Please read: https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy#cloudflare