Cloudflare Docs

Cloudflare Docs

Overview
Concepts
WAF attack score
Uploaded content scanning
Custom rules
Create custom rules in the dashboard
Create custom rules via API
Configure a rule with the Skip action
API examples
Skip options
Common use cases
Allow traffic from search engine bots
Allow traffic from specific countries only
Block Microsoft Exchange Autodiscover requests
Block requests by Threat Score
Challenge bad bots
Exempt partners from Hotlink Protection
Require a specific cookie
Require a valid HMAC token
Require known IP addresses in site admin area
Require specific HTTP headers
Require specific HTTP ports
Stop R-U-Dead-Yet? (R.U.D.Y.) attacks
Update custom rules for customers or partners
Manage custom rules in the dashboard
Custom rulesets
Use the dashboard
Use the API
Rate limiting rules
Request rate calculation
Create in the dashboard for a zone
Create in the dashboard for an account
Create via API
Find appropriate rate limit
Rate limiting parameters
Rule examples
Best practices
Managed rules
Deploy in the dashboard for a zone
Deploy in the dashboard for an account
Deploy via API
Rulesets reference
Cloudflare Managed Ruleset
Cloudflare OWASP Core Ruleset
Cloudflare Exposed Credentials Check
Create WAF exceptions
Add an exception in the dashboard
Add an exception via API
Log the payload of matched rules
Configure payload logging in the dashboard
View the payload content in the dashboard
Configure payload logging via API
Command-line operations
Generate a key pair
Decrypt the payload content
Handle false positives
Additional tools
IP Access rules
Create a rule
Parameters
Actions
Lists
IP Lists
Bulk Redirect Lists
Create in the dashboard
Use lists in expressions
Lists API
JSON object
Endpoints
User Agent Blocking
Zone Lockdown
Browser Integrity Check
Challenge Passage
Privacy Pass
Security Level
Automated exposed credentials check
How exposed credentials checks work
Configure exposed credentials checks via API
Test your exposed credentials checks configuration
Monitor exposed credentials events
Security Analytics
Security Events
Free plan
Paid plans
Additional information
Reference
Alerts
Phases
Migration guides
Migrating to the new WAF Managed Rules
Firewall rules are becoming custom rules
Deprecation of old rate limiting
Legacy features
WAF managed rules (previous version)
Troubleshooting
Rate Limiting (previous version)
Troubleshooting
Troubleshooting
Bing's Site Scan blocked by a managed rule
Changelog
Scheduled changes
2023-09-18
2023-09-04
2023-08-21
2023-08-17 - Emergency
2023-08-07
2023-08-01 - Emergency
2023-07-31
2023-07-10
2023-07-05
2023-06-19
2023-06-14 - Emergency
2023-06-12
2023-06-09 - Emergency
2023-05-22
2023-05-02
2023-04-11
2023-03-20
2023-03-13
2023-03-06
2023-02-27
2023-02-13
2023-02-06
2023-01-30
2023-01-24
2023-01-16
2023-01-09
2022-12-12
2022-11-29
2022-11-14
2022-10-31
2022-10-18 - Emergency
2022-10-17
2022-10-14 - Emergency
2022-10-10
2022-10-03 - Emergency
2022-10-03
2022-09-20 – Emergency
2022-09-12
2022-09-05
2022-08-30
2022-08-22
2022-08-15
2022-08-01
2022-07-25
2022-07-18
2022-07-06
2022-07-05
2022-06-20
2022-06-10 – Emergency
2022-06-07 – Emergency
2022-06-06
2022-06-04 – Emergency
2022-06-03 – Emergency
2022-05-30
2022-05-16
2022-05-10 – Emergency
2022-05-09
2022-04-25
2022-04-20
2022-04-11
2022-04-04 – Emergency
2022-03-31 – Emergency
2022-03-29 – Emergency
2022-03-14
2022-03-07
2022-02-28
2022-02-21
2022-02-14
2022-01-24
2021-12-16 – Emergency
2021-12-14 – Emergency
2021-12-10 – Emergency
2021-11-01
2021-10-25
2021-10-19
2021-10-04
2021-09-06
2021-09-01 – Emergency
2021-08-31
2021-08-23
2021-08-16
2021-07-26
2021-07-19
2021-07-01 – Emergency
2021-06-21
2021-06-14
2021-06-07
2021-06-01
2021-04-21 – Emergency
2021-04-19
2021-03-22
2021-03-08
2021-03-06 – Emergency
2021-03-05 – Emergency
2021-03-01
2020-12-14
2020-12-02
2020-11-16
2020-11-05 – Emergency
2020-11-04 – Emergency
2020-10-19
2020-10-12
2020-10-05
2020-09-28
2020-09-21
2020-09-15
2020-09-07
2020-08-24
2020-09-01
2020-07-27
2020-08-03
2020-07-20
2020-07-07 – Emergency
2020-07-13
2020-06-22
2020-06-15
2020-06-08
2020-05-25
2020-05-11
2020-05-04
2020-04-27
2020-04-20
2020-04-06
2020-03-30
2020-03-23
2020-03-12
2020-03-09
2020-03-02 – Emergency
2020-02-17
2020-02-10
2020-01-27
2020-01-20
2020-01-16 – Emergency
2019-12-16
2019-11-25 – Emergency
2019-11-12
2019-11-07 – Emergency
2019-11-04
2019-10-27 – Emergency
2019-10-23 – Emergency
2019-10-21
2019-10-17 – Emergency
2019-10-14
2019-10-07
2019-09-30
2019-09-26 – Emergency
2019-09-16
Historical

2023-07-10

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
OWASP Rules	...af347fde	N/A	944100: Remote Command Execution: Suspicious Java class detected	N/A	Block	Fixing OWASP Rule ...af347fde : 944100: Remote Command Execution: Suspicious Java class detected
OWASP Rules	...9fae472b	N/A	944110: Remote Command Execution: Java process spawn (CVE-2017-9805)	N/A	Block	Fixing OWASP Rule ...9fae472b : 944110: Remote Command Execution: Java process spawn (CVE-2017-9805)
OWASP Rules	...5ab75703	N/A	944120: Remote Command Execution: Java serialization (CVE-2015-4852)	N/A	Block	Fixing OWASP Rule ...5ab75703 : 944120: Remote Command Execution: Java serialization (CVE-2015-4852)
OWASP Rules	...73cd4e53	N/A	944210: Magic bytes Detected Base64 Encoded, probable Java serialization in use	N/A	Block	Fixing OWASP Rule ...73cd4e53 : 944210: Magic bytes Detected Base64 Encoded, probable Java serialization in use
OWASP Rules	...e068f5d3	N/A	944300: Base64 encoded string matched suspicious keyword	N/A	Block	Fixing OWASP Rule ...e068f5d3 : 944300: Base64 encoded string matched suspicious keyword