WAF (Web Application Firewall)

Personal Notes for Cloudflare WAF

Overview

Cloudflare WAF provides both automatic protection from vulnerabilities and the flexibility to create custom rules.

Main features

  • Custom rules: Create your own custom rules to protect your website and your APIs from malicious incoming traffic.

  • Rate limiting rules: Set rate limits for incoming requests matching an expression, and the action to take when those rate limits are reached.

  • WAF Managed Rulesets: Enable the pre-configured Managed Rulesets to get immediate protection. Adjust the behavior of managed rules, choosing from several possible actions.

  • Exposed Credential Checks: Monitor and block the use of stolen/exposed credentials for account takeover.

  • Firewall Analytics: Identify and investigate security threats using an intuitive interface. Tailor your security configurations based on the activity log.

WAF Request Match

This section sets the fields that determine which requests the WAF applies to.

  • Field: Variable

Step 1: Find WAF in Cloudflare

You can find WAF on the left-hand side, under Security.

Step 2: Create Your First Firewall Rule

Step 3: Choose a Guide

Blocking Guides:

Follow our handy guides to get started on the basics as quickly as possible:

  • Block a Country

  • Block a Continent

  • Block by IP Address

CAPTCHA Guides:

Learn the fundamentals of CAPTCHA:

  • Legacy CAPTCHA by Browser

  • Legacy CAPTCHA for Country

  • Legacy CAPTCHA IP Address

  • Legacy CAPTCHA Continent
