Secure your website
Cloudflare offers several tools to protect your website against malicious traffic and bad actors.
Account protection options
Zone protection options
All customers also have the options to adjust the following Security settings:
- : Use the IP reputation of a visitor to determine whether to present a page.
- : Specify the length of time that a visitor can access your website after completing a security challenge.
- : Evaluate incoming HTTP headers based on known threats — such as requests with a missing or non-standard user agent — and present a challenge page if needed.
- : Reduce the number of challenges presented to visitors using the Privacy Pass browser extension.
Protection with minimal setup
Based on additional knowledge about your website traffic and requirements, you can also:
- Enable to add an extra layer of authentication to DNS queries.
- Enable .
- Set up various Security rules:
- block, challenge, or allow requests based on (user agents, cookies, referrer, and more).
- (usage-based billing) block IP addresses based on a URL pattern and defined request threshold.
- block, challenge, or allow requests based on IP address, IP range, country, or ASN.
- block or challenge specific requests based on the associated user agent value.
- (customers on a Pro plan or higher) specify a list of IP addresses, CIDR ranges, or networks that are allowed to access a particular domain, subdomain, or URL.
- Further customize and settings.
- Create to prevent access to specify URLs, request schemes, file types, subdomains, or directories by redirecting users to a safe location.
- Restrict access to documents, files, and media by configuring .
Cloudflare also offers dedicated products to increase the security of your website and underlying infrastructure:
- : Protect your API from malicious traffic by enforcing schema validation, detecting abuse patterns, and more.
- : Use Cloudflare’s firewall-as-a-service (FWaaS) to protect office networks and cloud infrastructure with advanced, scalable protection.
- : Delivers network functions at Cloudflare scale — DDoS protection, traffic acceleration, and much more from every Cloudflare data center — for on-premise, cloud-hosted, and hybrid networks.
- : Securely connect any traffic source - data centers, offices, devices, cloud properties - to Cloudflare’s network and configure routing policies to get the bits where they need to go, all within one SaaS solution.
- : Monitor third-party scripts on your application and receive notifications when they have been compromised or are exhibiting malicious behavior.