Title: Cloudflare Authentication Error
Last modified: January 4, 2026

---

# Cloudflare Authentication Error

 *  Resolved [cousineddie](https://wordpress.org/support/users/cousineddie/)
 * (@cousineddie)
 * [5 months ago](https://wordpress.org/support/topic/cloudflare-authentication-error/)
 * Hi, I have ‘Push “Manually Blocked” IPs to Cloudflare and ‘Push temporary blocks(
   WAF, Login attempts, etc.) to Cloudflare’ checked in settings but I am seeing
   a number of error logs eg: ‘Cloudflare Block Failed for 43.1XX.110.104: Cloudflare
   Error: Authentication error’ , ‘Cloudflare Block Failed for 34.122.1XX.229: Cloudflare
   Error: Authentication error’ though I have created and added an API token (which
   verifies ok) and the Zone ID to my settings in Advanced IP Blocker?

Viewing 6 replies - 1 through 6 (of 6 total)

 *  Plugin Author [IniLerm](https://wordpress.org/support/users/inilerm/)
 * (@inilerm)
 * [5 months ago](https://wordpress.org/support/topic/cloudflare-authentication-error/#post-18774219)
 * Hi [@cousineddie](https://wordpress.org/support/users/cousineddie/),
 * This error usually happens when the API Token is valid (so the “Verify” button
   turns green) but it **lacks the specific permission** to modify the Firewall 
   rules for your Zone.
 * Please try regenerating the token with these exact steps to ensure it has the“
   Write” capability:
    1. Go to **Cloudflare Dashboard > My Profile > API Tokens**.
    2. Click **Create Token** > **Create Custom Token** (at the bottom).
    3. **Permissions:** (This is the critical part)
    4.  - **Zone** > **Firewall Services** > **Edit**
        - _(Optional)_: **Zone** > **Zone** > **Read**
    5. **Zone Resources:**
    6.  - **Include** > **Specific zone** > Select your domain.
 * If you used a pre-made template (like “Edit Zone DNS” or “WordPress”), it might
   not have the “Firewall Services” permission enabled by default.
 * Also, please double-check that the **Zone ID** you pasted matches exactly the
   one on your Cloudflare Overview page for that specific domain (sometimes users
   with multiple domains mix them up).
 * Let me know if a fresh Custom Token solves it!
 * Best regards,
 *  Plugin Author [IniLerm](https://wordpress.org/support/users/inilerm/)
 * (@inilerm)
 * [5 months ago](https://wordpress.org/support/topic/cloudflare-authentication-error/#post-18774231)
 * ![](https://i0.wp.com/advaipbl.com/wp-content/uploads/2026/01/AIB-Cloudflare-
   settings-1.png?ssl=1)
 * Cloudflare Permisions Settings – Advanced IP Blocker
 *  Plugin Author [IniLerm](https://wordpress.org/support/users/inilerm/)
 * (@inilerm)
 * [5 months ago](https://wordpress.org/support/topic/cloudflare-authentication-error/#post-18774241)
 * ![](https://i0.wp.com/advaipbl.com/wp-content/uploads/2026/01/AIB-Cloudflare-
   Cookie-challenge-cache-rule.png?ssl=1)
 * Recommendation to prevent JavaScript challenges from being stored in the Cloudflare
   cache and to ensure they function correctly:
 * In your domain dashboard: Caching > Cache Rules
 * Create a new rule, eg. :
 * Rule name (required) -> ADVAIPBL – Challenge – Cookie
 * Field: Cookie -> Operator: equals -> Value: advaipbl_js_verified
 * Expression Preview -> (http.cookie eq “advaipbl_js_verified”)
 * and select Bypass cache
 *  Plugin Author [IniLerm](https://wordpress.org/support/users/inilerm/)
 * (@inilerm)
 * [5 months ago](https://wordpress.org/support/topic/cloudflare-authentication-error/#post-18774247)
 * **Why this matters:**
   This is an advanced configuration, but once set up correctly,
   your site will be protected by a **Triple-Layer Defense System**:
    1. **Cloud Level (Cloudflare):** Blocks threats at the network edge (Zero server
       load).
    2. **Server Level (.htaccess):** Blocks threats before WordPress loads.
    3. **Application Level (Plugin):** Smart logic, scoring, and fingerprinting.
 * Getting this Cloudflare connection right ensures that distributed attacks are
   stopped before they ever reach your hosting server resources.
 *  Plugin Author [IniLerm](https://wordpress.org/support/users/inilerm/)
 * (@inilerm)
 * [5 months ago](https://wordpress.org/support/topic/cloudflare-authentication-error/#post-18774301)
 * [HOW TO SETUP CLOUD EDGE DEFENSE (CLOUDFLARE)](https://advaipbl.com/cloud-edge-defense-setup/)
 *  Thread Starter [cousineddie](https://wordpress.org/support/users/cousineddie/)
 * (@cousineddie)
 * [5 months ago](https://wordpress.org/support/topic/cloudflare-authentication-error/#post-18774320)
 * Your instructions seem to have worked a treat! Thankyou

Viewing 6 replies - 1 through 6 (of 6 total)

You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fcloudflare-authentication-error%2F%3Foutput_format%3Dmd&locale=en_US)
to reply to this topic.

 * ![](https://ps.w.org/advanced-ip-blocker/assets/icon-256x256.png?rev=3320247)
 * [Advanced IP Blocker](https://wordpress.org/plugins/advanced-ip-blocker/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/advanced-ip-blocker/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/advanced-ip-blocker/)
 * [Active Topics](https://wordpress.org/support/plugin/advanced-ip-blocker/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/advanced-ip-blocker/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/advanced-ip-blocker/reviews/)

 * 6 replies
 * 2 participants
 * Last reply from: [cousineddie](https://wordpress.org/support/users/cousineddie/)
 * Last activity: [5 months ago](https://wordpress.org/support/topic/cloudflare-authentication-error/#post-18774320)
 * Status: resolved