Configure a rule with the Skip action

Use the Skip action in a custom rule to skip one or more security features. A rule configured with the Skip action is also known as a skip rule.

Skip rules allow specific requests to bypass security features that would otherwise block or challenge them. Use skip rules when legitimate traffic matches a security rule unintentionally. For example, to allow a trusted API client through rate limiting rules, or to exempt an internal monitoring service from Managed Rules.

You can skip rate limiting rules, Managed Rules, Super Bot Fight Mode rules, and several other security products. However, you cannot skip Bot Fight Mode (available on the Free plan).

For more information on the available options, refer to Available skip options.

New dashboard

1. In the Cloudflare dashboard, go to the Security rules page.

   Go to Security rules

2. Create a custom rule by selecting Create rule > Custom rules, or edit an existing custom rule.

3. Define the rule name and the rule expression.

4. Under Choose action, select Skip from the dropdown.

   

5. Configure the desired skip options.

6. Save your changes.

Old dashboard

1. Log in to the Cloudflare dashboard ↗, and select your account and domain.

2. Go to Security > WAF > Custom rules.

3. Create a custom rule by selecting Create rule, or edit an existing custom rule.

4. Define the rule name and the rule expression.

5. Under Choose action, select Skip from the dropdown.

   

6. Configure the desired skip options.

7. Save your changes.

API

Use the Rulesets API to configure custom rules via API.

Refer to API examples for examples of creating skip rules.