"Also having an admin_broken_urls module (v11) is highly questionable. Likely should just roll into Health Check, as a number of separate checks running off of a common API.
Should be different health checks for local URLs, remote URLs, and the other options currently handled in admin_broken_urls."
One thing to note is Cloudflare is sometimes putting out 'challenge pages', with a 403 status code and no way (other than screen-scraping) to know it's because it thinks you may be a bot. Which will be the case for broken URL checks.
So the broken URL checking needs to handle 403 (and probably 401) as not failures. Perhaps make the checks smarter than binary fails/works, with support for a few different response categories, and include this information in the check results.
Should be different health checks for local URLs, remote URLs, and the other options currently handled in admin_broken_urls."
EDIT: No, because false-positives will happen.
So the broken URL checking needs to handle 403 (and probably 401) as not failures. Perhaps make the checks smarter than binary fails/works, with support for a few different response categories, and include this information in the check results.