Understanding the Cloudflare Browser Integrity Check

Learn how the Cloudflare Browser Integrity Check denies access to your website for requests with HTTP headers abused by spammers.


The Cloudflare Browser Integrity Check (BIC) operates similar to Bad Behavior and looks for common HTTP headers abused most commonly by spammers and denies access to your page.  It also challenges visitors without a user agent or with a non-standard user agent such as commonly used by abusive bots, crawlers, or visitors.

BIC is enabled by default via the Settings tab of the Cloudflare Firewall app.  You can disable the BIC using a Firewall BYPASS rule. Also, use a Page Rule to selectively enable or disable this feature for certain sections of your website.  For example,  disable BIC for your API traffic.

Related resources

Understanding your site protections options

Not finding what you need?

95% of questions can be answered using the search tool. This is the quickest way to get a response.