How it works
When that visitor tries to access other parts of your website, Cloudflare evaluates the cookie before presenting another challenge. If the cookie is still valid, no challenges will be shown.
When Cloudflare evaluates a
cf_clearance cookie, a few extra minutes are included to account for clock skew. For XmlHTTP requests, an extra hour is added to the validation time to prevent breaking XmlHTTP requests for pages that set short lifetimes.
Customize the Challenge Passage
By default, the
cf_clearance cookie has a lifetime of 30 minutes. Cloudflare recommends a setting between 15 and 45 minutes.
To update the Challenge Passage (and the value of the
- Log into the .
- Select your account and domain.
- Go to Security > Settings.
- For Challenge Passage, select a duration.
The Challenge Passage does not apply to challenges issued by WAF managed rules. Also, Challenge Passage does not apply to rate limiting rules unless the rate limit is configured to issue a challenge.