Cloudflare Docs
DDoS Protection
Edit this page
Give us feedback
Set theme to dark (⇧+D)

Managed rulesets

The DDoS Attack Protection managed rulesets provide comprehensive protection against a variety of DDoS attacks across L3/4 (network layer) and L7 (application layer) of the OSI model.

The available managed rulesets are:

​​ Proactive false positive detection for new rules

When Cloudflare creates a new managed rule, we check the rule impact against the traffic of Business and Enterprise zones while the rule is not blocking traffic yet.

If a false positive is detected, we proactively reach out to the affected customers and help them make configuration changes (for example, to lower the sensitivity level of the new rule) before the rule starts mitigating traffic. This prevents the new rule from causing service disruptions and outages to your Internet properties.