Create allow rules
1 min read
Based on your application’s traffic, you should create firewall rules that explicitly allow expected automated or likely automated traffic.
Cloudflare recommends being as specific as possible when analyzing traffic and creating rules, usually including a combination of user-agent values, IP addresses or ASNs, and JA3 fingerprints.
If you only use a specific characteristic for your allow rules (such as the user-agent), it could be discovered by malicious bots and expose your application to automated abuse.
Unit 3 of 7