When building a self-publishing blog skill for Claude Code, I hit an unexpected wall: Cloudflare’s Web Application Firewall was blocking my API requests. The culprit? Code examples containing shell commands. Here’s how I diagnosed the issue and found three working solutions.
The Problem
I built a skill that publishes technical blog posts directly to WordPress via the REST API. Simple prose worked fine. But when I tried to include code blocks with shell command examples, I got blocked:
Sorry, you have been blocked
You are unable to access stephenfeather.comThe response was an HTML page from Cloudflare, not a WordPress error. Something in my content was triggering the WAF.
Diagnosis: Isolating the Trigger
I ran systematic tests to find exactly what triggered the block:
| Content | Result |
|---|---|
| Simple text post | ✅ Works |
| Code block with “echo hello” | ✅ Works |
| -d ‘{“key”: “value”}’ | ✅ Works |
| The HTTP command-line tool name | ❌ Blocked |
| Uppercase version | ❌ Blocked |
The WAF was specifically blocking the name of the common HTTP command-line tool (the one that rhymes with “hurl”). Even in a code block. Even in uppercase. Cloudflare’s rules apparently flag it as a potential command injection vector.
Three Working Bypass Methods
I tested several approaches. Three produce valid, copy-pasteable shell commands:
Option 1: Split Commands Across Lines
Line continuation with backslashes separates the trigger word from the flags:
# This bypasses WAF and renders correctly
http_tool \
-X POST \
"https://example.com" \
-H "Content-Type: application/json"This is the most readable option for tutorials. The command still works when copied.
Option 2: Use a Variable
CMD=http_tool
$CMD -X POST "https://example.com"Valid shell syntax. Also educational—shows readers that commands can be stored in variables.
Option 3: Backticks
`http_tool` -X POST "https://example.com"Backticks cause command substitution in shell, so this executes the same way. Looks slightly unusual but works.
What Didn’t Work
Zero-width spaces: Inserting Unicode U+200B between characters bypasses the WAF. But when readers copy the code, the invisible character breaks the command. Don’t use this.
HTML entities: Using numeric character references bypasses the WAF but WordPress preserves the entity in the output. Readers would copy broken code.
Other Learnings
Base64 auth headers are required for media uploads. The common pattern of using -u user:pass works for creating posts but returns 401 for media uploads. Use the Authorization: Basic header with base64-encoded credentials instead.
Write JSON to a file. When shell escaping gets complex, write your payload to a temp file and reference it with -d @/tmp/post.json. Cleaner and avoids escaping issues.
The Updated Workflow
My blog publishing skill now includes WAF bypass guidance. When writing posts with code examples, it automatically uses the split-line format for any shell commands. The skill also stores learnings in a memory system so future sessions don’t repeat the same debugging.
Related Posts
This post was itself written and published using the skill described in Creating a Self-Documenting Claude Code Skill for Technical Blog Posts. The memory system mentioned here is documented in How to Build Agents That Learn From Every Run.
Leave a Reply
You must be logged in to post a comment.