Skip to content

Setup

In order to enable automatic mitigation of random prefix attacks:

  1. Set up DNS Firewall.

  2. Enable attack mitigation on your DNS Firewall cluster.

    1. In the Cloudflare dashboard, go to the DNS Firewall Clusters page.

      Go to Clusters
    2. Select the cluster you want to update, then select Edit.

    3. Turn on Attack mitigation and choose whether Cloudflare should only mitigate attacks when the upstream is unhealthy.

    4. Select Save.

Once you turn on attack mitigation, Cloudflare returns a REFUSED response to queries that are part of a random prefix attack.