HTTP DDoS Attack Protection Managed Ruleset
The Cloudflare HTTP DDoS Attack Protection Managed Ruleset is a set of pre-configured rules used to match at layer 7 (application layer) on the edge. Cloudflare updates the list of rules in the Managed Ruleset on a regular basis.
The HTTP DDoS Attack Protection Managed Ruleset is always enabled — you can only customize its behavior.
The HTTP DDoS Attack Protection Managed Ruleset provides users with increased observability into L7 DDoS attacks mitigated by Cloudflare, informing users of ongoing or past attacks. The , available at Firewall > Overview, will display additional information on the types of L7 DDoS attacks detected for a specific zone.
You can adjust the behavior of the rules in the Managed Ruleset by modifying the following parameters:
- The performed action when an attack is detected
- The sensitivity level of attack detection mechanisms
To adjust rule behavior, do one of the following:
The HTTP DDoS Attack Protection Managed Ruleset protects Cloudflare customers on all plans, and all customers can customize the ruleset.