Skip to content

Cloudflare Docs

Docs Directory APIs SDKs

Select theme

No results found. Try a different search term, or use our .

Overview
Get started
Concepts
Traffic detections
- Overview
- Attack score
- Leaked credentials
- Malicious uploads
- Firewall for AI Beta
- Bot score ↗
Custom rules
Rate limiting rules
Managed rules
- Overview
- Deploy in the dashboard
- Deploy via API
- Deploy using Terraform ↗
- Troubleshooting
- Create exceptions
- Log the payload of matched rules
  - Overview
  - Configure in the dashboard
  - View the payload content in the dashboard
  - Configure via API
  - Store decrypted matched payloads in logs
  - Command-line operations
    
    Overview
    Generate a key pair
    Decrypt the payload content
- Check for exposed credentials
- Rulesets reference
  - Cloudflare Managed Ruleset
  - Cloudflare OWASP Core Ruleset
    
    Overview
    Concepts
    Evaluation example
    Configure in the dashboard
    Configure via API
    Configure in Terraform ↗
  - Cloudflare Exposed Credentials Check Managed Ruleset
  - Cloudflare Sensitive Data Detection
Additional tools
- Lists
- IP Access rules
- Scrape Shield
- User Agent Blocking
- Zone Lockdown
- Browser Integrity Check
- Enable security.txt ↗
- Privacy Pass
- Replace insecure JS libraries
- Security Level
- Validation checks
Account-level configuration
- Overview
- Custom rulesets
- Rate limiting rulesets
- Managed rulesets
Analytics
- Security Analytics
- Security Events
Reference
- Alerts
- Phases
- Legacy features
  - WAF managed rules (previous version)
    
    Overview
    Troubleshooting
    WAF managed rules upgrade
  - Rate Limiting (previous version)
    
    Overview
    Troubleshooting
    Rate limiting upgrade
  - Firewall rules ↗
  - Firewall rules upgrade
Troubleshooting
Glossary
Changelog

GitHub X.com YouTube

Select theme

On this page

Overview

On this page

Overview

Was this helpful?

Directory
WAF
Additional tools

Additional tools

Help us improve your experience

The Cloudflare application security docs team is running a survey to learn how well the documentation is working for you, and where we can do better.

Take the survey ↗ and share your feedback directly with Cloudflare.

The Cloudflare WAF offers the following additional tools:

Browser Integrity Check
Enable security.txt
Privacy Pass
Replace insecure JS libraries
Security Level
Scrape Shield
User Agent Blocking
Validation checks
Lists
IP Access rules
Zone Lockdown

Was this helpful?

Last updated: Sep 12, 2025

Resources
API
New to Cloudflare?
Directory
Sponsorships
Open Source

Support
Help Center
System Status
Compliance
GDPR

Company
cloudflare.com
Our team
Careers

Tools
Cloudflare Radar
Speed Test
Is BGP Safe Yet?
RPKI Toolkit
Certificate Transparency

Community
X
Discord
YouTube
GitHub

© 2025 Cloudflare, Inc.
Privacy Policy
Terms of Use
Report Security Issues
Trademark