Configure in the dashboard
You can configure the following settings of the Cloudflare OWASP Core Ruleset in the dashboard:
- Set the paranoia level. The available levels are PL1 (default), PL2, PL3, and PL4.
- Set the score threshold. The available thresholds are: Low - 60 and higher, Medium - 40 and higher (default), or High - 25 and higher.
- Set the action to perform. The action is executed when the calculated request threat score is greater than the score threshold. The available actions are: Block (default), Managed Challenge, JS Challenge, Log, and Interactive Challenge.
- Disable specific rules or rules with specific tags.
- Customize the filter expression. With a custom expression, the Cloudflare OWASP Core Ruleset applies only to a subset of the incoming requests.
- Configure payload logging.
For details on configuring a managed ruleset in the dashboard, refer to Configure a managed ruleset.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark