Skip to content
Visit Cloudflare Fundamentals on GitHub
Set theme to dark (⇧+D)

Protect your origin server — Enterprise

Your origin server is a physical or virtual machine that is not owned by Cloudflare and hosts your application content (data, webpages, etc.).

Receiving too many requests can be bad for your origin. These requests might increase latency for visitors, incur higher costs — particularly for cloud-based machines — and could knock your application offline.

Select a plan to see how Cloudflare can help you protect your origin:


Secure origin connections

When you secure origin connections, it prevents attackers from discovering and overloading your origin server with requests.

Monitor origin health

For passive monitoring, create notifications for Origin Error Rate Alerts to receive alerts when your origin returns 5xx codes above a configurable threshold and Passive Origin Monitoring to see when Cloudflare is unable to reach your origin for a few minutes.

For more active monitoring, set up standalone health checks for your origin.

Reduce origin traffic

Block traffic

So long as your traffic is proxied by Cloudflare, Cloudflare automatically protects your application from DDoS attacks.

Additionally, adjust various settings in your Firewall to restrict potentially malicious traffic:

Increase caching

The cache stores data from your application (webpages, etc.) at Cloudflare data centers around the world, which reduces the number of requests sent to your origin server.

Distribute traffic

Set up load balancing (add-on service) to spread traffic across multiple servers, reducing server strain and improving the experience for end users.

To protect specific endpoints from being overwhelmed by traffic spikes, set up a waiting room.