Configure Network-layer DDoS Attack Protection in the dashboard
Configure the Network-layer DDoS Attack Protection managed ruleset by defining in the Cloudflare dashboard. DDoS overrides allow you to customize the action and sensitivity of one or more rules in the managed ruleset.
You define overrides for the Network-layer DDoS Attack Protection managed ruleset at the account level.
Create a DDoS override
Go to Account Home > L3/4 DDoS > Network-layer DDoS Protection.
Select Deploy a DDoS override.
In Set scope, specify if you wish to apply the override to all incoming packets or to a subset of the packets.
If you are creating an override for a subset of the incoming packets, define the that matches the incoming packets you wish to target in the override, using either the Rule Builder or the Expression Editor.
Depending on what you wish to override, refer to the following sections (you can perform both configurations on the same override):
Configure all the rules in the ruleset (ruleset override)
- Select Next.
- Enter a name for your override in Execution name.
- To always apply a given action for all the rules in the ruleset, select an action in Ruleset action.
- To set the sensitivity level for all the rules in the ruleset, select a value in Ruleset sensitivity.
Configure one or more rules
Search for the rules you wish to override using the available filters. You can search for tags.
To override a single rule, select the desired value for a field in the displayed dropdowns next to the rule.
To configure more than one rule, select the rules using the row checkboxes and update the fields for the selected rules using the dropdowns displayed before the table. You can also configure all the rules with a given tag. For more information, refer to .
Enter a name for your override in Execution name.
To save and deploy the override, select Deploy. If you are not ready to deploy your override, select Save as Draft.