Resolving Cloudflare Blocks

HireFire accesses your application's endpoints to retrieve worker queue metrics for autoscaling. Cloudflare may block or challenge these requests due to DDoS protection, bot fight mode, or configuration changes, causing monitors to fail.

To mitigate:

• Whitelist by User-Agent: In Cloudflare (Domain > Security > WAF > Custom Rules), create a rule to skip challenges for requests with User-Agent: "HireFire". This is a simple catch-all but may expose a DDoS vector.
• Whitelist by Token (Recommended for Security): Use the HireFire-Token header with your app's HIREFIRE_TOKEN value (from Heroku environment variables). Add a WAF rule to skip challenges for matching tokens. Configure per-application for unique tokens.

This ensures HireFire can access metrics without disruption. If issues persist, contact support@hirefire.io.