Customize Cloudflare security
Another way of reducing origin traffic is customizing the Cloudflare WAF and other security features. The fewer malicious requests that reach your application, the fewer that could reach (and overwhelm) your origin.
To reduce incoming malicious requests, you could:
- Create WAF custom rules for protection based on specific aspects of incoming requests.
- Adjust DDoS rules to handle false negatives and false positives.
- Build rate limiting rules to protect against specific patterns of requests.
- Enable bot protection or set up Bot Management for Enterprise to protect against automated abuse.
- Explore network-layer DDoS attack protection.
- Configure your zone's Security Level globally or selectively (depending on your needs).
- Review the rest of Cloudflare's security options.