Cloudflare Docs
WAF
Edit this page
Report an issue with this page
Log into the Cloudflare dashboard
Set theme to dark (⇧+D)

Historical - 2019

RulesetRule IDDescriptionChange DateOld ActionNew Action
Cloudflare Specials100242Block Citrix Netscaler ADC - CVE-2019-19781Emergency, 2019-12-16N/ABlock
Cloudflare Specials100009CBImprovement in Equation-like SQLi. Merge 100009CB_BETA into 100009CB.2019-12-16BlockBlock
Cloudflare Specials100191Improvement CVE-2019-11043 detection. Merge 100191_BETA into 100191.2019-12-16BlockBlock
Cloudflare OWASP9802140Minor change to reduce Gutenberg false positivesEmergency, 2019-11-25Scoring basedScoring based
Cloudflare OWASP9802140_JSONMinor change to reduce Gutenberg false positivesEmergency, 2019-11-25Scoring basedScoring based
Cloudflare OWASP9802141Minor change to reduce Gutenberg false positivesEmergency, 2019-11-25Scoring basedScoring based
Cloudflare OWASP9802141_JSONMinor change to reduce Gutenberg false positivesEmergency, 2019-11-25Scoring basedScoring based
Cloudflare OWASP960034Reduce false positives for requests made with HTTP 2 and 3Emergency, 2019-11-25Scoring basedScoring based
Cloudflare Specials100148Disable outdated XSS rule by default2019-11-12BlockDisable
Cloudflare Specials100035CUpdate valid Googlebot IP rangesEmergency, 2019-11-07BlockBlock
Cloudflare Specials100035DUpdate valid Googlebot IP rangesEmergency, 2019-11-07DisabledDisabled
Cloudflare Specials100139AImprove XSS detection. Merge 100139A_BETA into 100139A.2019-11-04DisableDisable
Cloudflare Specials100139BImprove XSS detection. Merge 100139B_BETA into 100139B.2019-11-04BlockBlock
Cloudflare Specials100139CImprove XSS detection. Merge 100139C_BETA into 100139C.2019-11-04BlockBlock
Cloudflare Specials100139DImprove XSS detection2019-11-04N/ABlock
Cloudflare Specials100173Improve XSS detection2019-11-04N/ABlock
Cloudflare Specials100030SVGDisable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100021CDisable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100021CEDisable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100021CBDisable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100021DDisable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100107Disable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100030Disable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100030ARGS_STRICTDisable outdated XSS rule by default2019-11-04ChallengeDisable
Cloudflare Specials100021Disable outdated XSS rule by default2019-11-04ChallengeDisable
Cloudflare Specials100021BDisable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100021EDisable outdated XSS rule by default2019-11-04ChallengeDisable
Cloudflare Specials100090Disable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100091Disable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100091BDisable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100092Disable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100170Improve XSS detection. Merge 100170_BETA into 100170.2019-11-04BlockBlock
Cloudflare Specials100021HDisable outdated XSS rule by default2019-11-04BlockDisable
Cloudflare Specials100044Disabled obsolete rule by default. Merge 100044_BETA into 100044.2019-11-04BlockDisable
Cloudflare Specials100174Improve XSS detection2019-11-04N/ABlock
Cloudflare Specials100135BReduced false positive rate. Merge 100135B_BETA into 100135B.2019-11-04BlockBlock
Cloudflare Specials100191Block CVE-2019-11043Emergency, 2019-10-27N/ABlock
Cloudflare Specials100035CImprove Fake Google Bot detection. Merge 100035C_BETA into 100035C.Emergency, 2019-10-23BlockBlock
Cloudflare Specials100009CBImprove Comparison-like SQL Injection detection. Merge 100009CB_BETA into 100009CB.2019-10-21BlockBlock
Cloudflare Specials100026Improve PHP Code Injection and File Upload detection2019-10-21BlockBlock
Cloudflare Specials100186Block vBulletin vulnerability CVE-2019-171322019-10-21LogBlock
Cloudflare Specials100187Block vBulletin vulnerability CVE-2019-171322019-10-21LogBlock
Cloudflare Specials100035DImprove Fake Google Bot detection. Merge 100035D_BETA into 100035D. Change originally scheduled for 2019-10-21.Emergency, 2019-10-17DisableDisable
Cloudflare Specials100035Improve Fake Google Bot detection. Merge 100035_BETA into 100035. Change originally scheduled for 2019-10-21.Emergency, 2019-10-17BlockBlock
Cloudflare Specials100035CImprove Fake Google Bot detection. Merge 100035C_BETA into 100035C. Change originally scheduled for 2019-10-21.Emergency, 2019-10-17BlockBlock
Cloudflare Specials100035BImprove Fake Bing Bot detection. Merge 100035B_BETA into 100035B. Change originally scheduled for 2019-10-21.Emergency, 2019-10-17BlockBlock
Cloudflare Specials100035YImprove Fake Yandex Bot detection. Merge 100035Y_BETA into 100035Y. Change originally scheduled for 2019-10-21.Emergency, 2019-10-17BlockBlock
Cloudflare Specials100035UImprove Fake Baidu Bot detection. Merge 100035U_BETA into 100035U. Change originally scheduled for 2019-10-21.Emergency, 2019-10-17BlockBlock
Cloudflare Specials100135AImprove XSS detection. Merge 100135A_UBETA into 100135A.2019-10-14BlockBlock
Cloudflare Specials100135BImprove XSS detection. Merge 100135B_UBETA into 100135B.2019-10-14DisableBlock
Cloudflare Specials100135CImprove XSS detection. Merge 100135C_UBETA into 100135C.2019-10-14BlockBlock
Cloudflare Specials100136AImprove XSS detection. Merge 100136A_UBETA into 100136A.2019-10-14BlockBlock
Cloudflare Specials100136BImprove XSS detection. Merge 100136B_UBETA into 100136B.2019-10-14BlockBlock
Cloudflare Specials100136CImprove XSS detection. Merge 100136C_UBETA into 100136C.2019-10-14BlockBlock
Cloudflare Specials100167Improve XSS and HTML Injection detection2019-10-14N/ABlock
Cloudflare Specials100168Improve XSS and HTML Injection detection2019-10-14N/ABlock
Cloudflare Specials100169Improve XSS and HTML Injection detection2019-10-14N/ADisable
Cloudflare Specials100170Improve XSS and HTML Injection detection2019-10-14N/ABlock
Cloudflare Specials100171Improve XSS and HTML Injection detection2019-10-14N/ADisable
Cloudflare Specials100172Improve XSS and HTML Injection detection2019-10-14N/ABlock
Cloudflare WordPressWP0015Disables outdated WordPress rule by default. If this rule's action is set to anything other than the default, this change will have no effect.2019-10-07BlockDisable
Cloudflare Specials100008EImprove SQLi protection2019-09-30BlockBlock
Cloudflare Specials100008ESQLi improvement2019-09-30BlockBlock
Cloudflare Specials100166Block vBulletin CVE-2019-16759Emergency, 2019-09-26NoneBlock
Cloudflare OWASP9002140OWASP WordPress improvement2019-09-23Scoring basedScoring based
Cloudflare OWASP9002140_JSONOWASP WordPress improvement2019-09-23Scoring basedScoring based
Cloudflare OWASP9002141OWASP WordPress improvement2019-09-23Scoring basedScoring based
Cloudflare OWASP9002141_JSONOWASP WordPress improvement2019-09-23Scoring basedScoring based
Cloudflare Specials100162SQLi improvement on SELECT FROM TABLE statements2019-09-23N/ABlock
Cloudflare Specials100160JBoss protection improvement2019-09-16N/ABlock
Cloudflare OWASP9002140Small improvement to Gutenberg exception rules2019-09-09N/AScoring based
Cloudflare OWASP9002140_JSONSmall improvement to Gutenberg exception rules2019-09-09N/AScoring based
Cloudflare OWASP9002141Small improvement to Gutenberg exception rules2019-09-09N/AScoring based
Cloudflare OWASP9002141_JSONSmall improvement to Gutenberg exception rules2019-09-09N/AScoring based
Cloudflare Specials100158SQL Injection - Obfuscated SELECT expressions2019-09-09LogBlock
Cloudflare OWASPURI-973326Small improvement in OWASP rule2019-09-09Scoring basedScoring based
Cloudflare OWASP973326Small improvement in OWASP rule2019-09-09Scoring basedScoring based
Cloudflare OWASPURI-950901Remove OWASP rule2019-09-02Scoring basedN/A
Cloudflare OWASP959151Small improvement in OWASP rule2019-09-02BlockBlock
Cloudflare OWASP950901Remove OWASP rule2019-09-02Scoring basedN/A
Cloudflare DrupalD0003BDisable rule by default2019-07-29BlockDisable
Cloudflare Specials100005ADisable rule by default2019-07-29LogDisable
Cloudflare Specials100007NDisable rule by default2019-07-29LogDisable
Cloudflare Specials100009DBETADisable rule by default2019-07-29LogDisable
Cloudflare Specials100009IDisable rule by default2019-07-29LogDisable
Cloudflare Specials100009LDisable rule by default2019-07-29LogDisable
Cloudflare Specials100010BDisable rule by default2019-07-29LogDisable
Cloudflare Specials100021CDDisable rule by default2019-07-29LogDisable
Cloudflare Specials100030_BETADisable rule by default2019-07-29LogDisable
Cloudflare Specials100030ARGS_LOOSEDisable rule by default2019-07-29LogDisable
Cloudflare Specials100035B2Disable rule by default2019-07-29LogDisable
Cloudflare Specials100035DDisable rule by default2019-07-29LogDisable
Cloudflare Specials100042Disable rule by default2019-07-29LogDisable
Cloudflare Specials100056_BETADisable rule by default2019-07-29LogDisable
Cloudflare Specials100057Disable rule by default2019-07-29LogDisable
Cloudflare Specials100059Disable rule by default2019-07-29LogDisable
Cloudflare Specials100061Disable rule by default2019-07-29LogDisable
Cloudflare Specials100062Disable rule by default2019-07-29LogDisable
Cloudflare Specials100062_BETADisable rule by default2019-07-29LogDisable
Cloudflare Specials100064Disable rule by default2019-07-29LogDisable
Cloudflare Specials100066Disable rule by default2019-07-29LogDisable
Cloudflare Specials100067Disable rule by default2019-07-29LogDisable
Cloudflare Specials100068Disable rule by default2019-07-29LogDisable
Cloudflare Specials100075Disable rule by default2019-07-29LogDisable
Cloudflare Specials100077Disable rule by default2019-07-29LogDisable
Cloudflare Specials100078BDisable rule by default2019-07-29LogDisable
Cloudflare Specials100083Disable rule by default2019-07-29LogDisable
Cloudflare Specials100084Disable rule by default2019-07-29LogDisable
Cloudflare Specials100085Disable rule by default2019-07-29LogDisable
Cloudflare Specials100086Disable rule by default2019-07-29LogDisable
Cloudflare Specials100088CDisable rule by default2019-07-29LogDisable
Cloudflare Specials100093Disable rule by default2019-07-29LogDisable
Cloudflare Specials100096BEVILDisable rule by default2019-07-29LogDisable
Cloudflare Specials100096BHTMLDisable rule by default2019-07-29LogDisable
Cloudflare Specials100096EVILDisable rule by default2019-07-29LogDisable
Cloudflare Specials100096HTMLDisable rule by default2019-07-29LogDisable
Cloudflare Specials100098Disable rule by default2019-07-29LogDisable
Cloudflare Specials100105Disable rule by default2019-07-29LogDisable
Cloudflare Specials100106BDisable rule by default2019-07-29LogDisable
Cloudflare Specials100107ARGSDisable rule by default2019-07-29LogDisable
Cloudflare Specials100108Disable rule by default2019-07-29LogDisable
Cloudflare Specials100108ARGSDisable rule by default2019-07-29LogDisable
Cloudflare Specials100109Disable rule by default2019-07-29LogDisable
Cloudflare Specials100109BDisable rule by default2019-07-29LogDisable
Cloudflare Specials100111Disable rule by default2019-07-29LogDisable
Cloudflare Specials100115Disable rule by default2019-07-29LogDisable
Cloudflare Specials100119Disable rule by default2019-07-29LogDisable
Cloudflare Specials100122Disable rule by default2019-07-29LogDisable
Cloudflare Specials100123BDisable rule by default2019-07-29LogDisable
Cloudflare Specials100126Disable rule by default2019-07-29LogDisable
Cloudflare Specials100131Disable rule by default2019-07-29LogDisable
Cloudflare Specials100133Disable rule by default2019-07-29LogDisable
Cloudflare Specials100135BDisable rule by default2019-07-29LogDisable
Cloudflare Specials100137Disable rule by default2019-07-29LogDisable
Cloudflare Specials100139ADisable rule by default2019-07-29LogDisable
Cloudflare Specials100140Disable rule by default2019-07-29LogDisable
Cloudflare Specials100146Disable rule by default2019-07-29LogDisable
Cloudflare Specials100146BDisable rule by default2019-07-29LogDisable
Cloudflare Specials100149Disable rule by default2019-07-29LogDisable
Cloudflare Specials100158Disable rule by default2019-07-29LogDisable
Cloudflare MiscellaneousCFMISC0004Disable rule by default2019-07-29LogDisable
Cloudflare MiscellaneousCFMISC0004BDisable rule by default2019-07-29LogDisable
Cloudflare MiscellaneousCFMISC0016BDisable rule by default2019-07-29LogDisable
Cloudflare DrupalD0005Disable rule by default2019-07-29LogDisable
Cloudflare DrupalD0016Disable rule by default2019-07-29LogDisable
Cloudflare PHPPHP100008Disable rule by default2019-07-29LogDisable
Cloudflare PHPPHP100009Disable rule by default2019-07-29LogDisable
Cloudflare PHPPHP100010Disable rule by default2019-07-29LogDisable
Cloudflare PHPPHP100011ARGSDisable rule by default2019-07-29LogDisable
Cloudflare PHPPHP100011COOKIEDisable rule by default2019-07-29LogDisable
Cloudflare WordPressWP0012Disable rule by default2019-07-29LogDisable
Cloudflare WordPressWP0025CDisable rule by default2019-07-29LogDisable
Cloudflare WordPressWP0028Disable rule by default2019-07-29LogDisable
Cloudflare WordPressWP0030Disable rule by default2019-07-29LogDisable
Cloudflare Specials100136AImprove XSS JavaScript URI detection and reduce false positives2019-07-29BlockBlock
Cloudflare Specials100136BImprove XSS JavaScript URI detection and reduce false positives2019-07-29BlockBlock
Cloudflare Specials100136CImprove XSS JavaScript URI detection and reduce false positives2019-07-29BlockBlock
Cloudflare Specials100135AImprove XSS JavaScript Events detection and reduce false positives2019-07-29BlockBlock
Cloudflare Specials100135BImprove XSS JavaScript Events detection and reduce false positives2019-07-29LogBlock
Cloudflare Specials100135CImprove XSS JavaScript Events detection and reduce false positives2019-07-29BlockBlock
Cloudflare OWASP9002140Reduce WAF false positives for the Gutenberg WordPress editor2019-07-24N/AScoring based
Cloudflare OWASP9002140_JSONReduce WAF false positives for the Gutenberg WordPress editor2019-07-24N/AScoring based
Cloudflare OWASP9002141Reduce WAF false positives for the Gutenberg WordPress editor2019-07-24N/AScoring based
Cloudflare OWASP9002141_JSONReduce WAF false positives for the Gutenberg WordPress editor2019-07-24N/AScoring based
Cloudflare Specials100030Improve XSS HTML Script Tag detection2019-07-22BlockBlock
Cloudflare Specials100153Block Oracle WebLogic - Command Injection - CVE-2019-27292019-06-27BlockBlock
Cloudflare OWASP9002140AImprove 9002140A2019-06-19Scoring basedScoring based
Cloudflare OWASP9002140BImprove 9002140B2019-06-19Scoring basedScoring based
Cloudflare OWASP9002140AImprove 9002140A2019-06-17Scoring basedScoring based
Cloudflare OWASP9002140AImprove 9002140B2019-06-17Scoring basedScoring based
Cloudflare WordPressWP0033Easy WP SMTP - Deserialization2019-06-17LogBlock
Cloudflare Specials100156XSS, HTML Injection - Malicious HTML Encoding2019-06-17LogBlock
Cloudflare OWASP9002140B_BETAImprove 9002140B2019-06-10Scoring basedScoring based
Cloudflare Specials100005Improved shell variable normalization2019-06-10BlockBlock
Cloudflare Specials100007NSImproved shell variable normalization2019-06-10BlockBlock
Cloudflare Specials100155PHPCMS - Dangerous File Upload - CVE-2018-143992019-06-10LogBlock
Cloudflare Specials100096BHTMLXSS, HTML Injection - Body2019-06-03N/ALog
Cloudflare Specials100096BEVILXSS, HTML Injection - Body2019-06-03N/ALog
Cloudflare OWASP9002140ANew OWASP rules to allow requests from the WordPress's Gutenberg editor2019-06-03N/AScoring based
Cloudflare OWASP9002140BNew OWASP rules to allow requests from the WordPress's Gutenberg editor2019-06-03N/AScoring based
AllAllImprove Rule Descriptions2019-05-28N/AN/A
Cloudflare Specials100157Microsoft SharePoint Deserialization - CVE-2019-0604 (Strict)2019-05-28BlockBlock
Cloudflare Specials100053Potential FI or Alias/Rewrite Bypass - Double Slash in URL2019-05-20DisableDisable
Cloudflare Specials100122ARGSDangerous stream wrappers2019-05-20BlockDeprecated
Cloudflare Specials100122ARGS_GETDangerous stream wrappers2019-05-20BlockDeprecated
Cloudflare Specials100122Dangerous stream wrappers2019-05-20LogBlock
Cloudflare Specials100157Microsoft SharePoint Deserialization - CVE-2019-06042019-05-13N/ABlock
Cloudflare Specials100154WordPress Social Warfare RCE/XSS (CVE-2019-9978)2019-05-13LogBlock
Cloudflare OWASP9002140Reduce OWASP false positives2019-05-13LogAllow
Cloudflare Specials100008Improve SQLi detection2019-05-13BlockBlock
Cloudflare Specials100135AImprove XSS detection and reduce false positives2019-05-07BlockBlock
Cloudflare Specials100135BImprove XSS detection and reduce false positives2019-05-07LogBlock
Cloudflare Specials100135CImprove XSS detection and reduce false positives2019-05-07BlockBlock
Cloudflare Specials100136AImprove XSS detection and reduce false positives2019-05-07BlockBlock
Cloudflare Specials100136BImprove XSS detection and reduce false positives2019-05-07BlockBlock
Cloudflare Specials100153Block Oracle WebLogic CVE-2019-2725, CVE-2017-10271, CVE-2017-35062019-05-07N/ABlock
Cloudflare Specials100148Improve inline XSS detection2019-05-07LogBlock
Cloudflare Specials100105HEADERSPHP serialization in headers, excluding Cookies2019-05-07N/ABlock
Cloudflare Specials100146CPotential SSRF attack2019-05-07LogBlock
Cloudflare Specials100106PostgreSQL COPY Injection2019-05-07BlockBlock
Cloudflare Specials100139AHTML Injection, XSS or Code Injection via data URI2019-05-07N/ALog
Cloudflare Specials100139BHTML Injection, XSS or Code Injection via data URI2019-05-07N/ABlock
Cloudflare Specials100139CHTML Injection, XSS or Code Injection via data URI2019-05-07N/ABlock
Cloudflare Specials100105REFERERPHP serialization in Referer header2019-04-29N/ABlock
Cloudflare Specials100152Joomla CVE-2019-109452019-04-29N/ABlock
Cloudflare Specials100144NoSQL Injection attack (Expression vector)2019-04-29LogBlock
Cloudflare Specials100143NoSQL Injection attack (comparison vector)2019-04-29LogBlock
Cloudflare Specials100148Improve XSS inline detection2019-04-29LogBlock
Cloudflare Specials100135AImprove XSS detection2019-04-22BlockBlock
Cloudflare Specials100135BImprove XSS detection2019-04-22BlockBlock
Cloudflare Specials100136AImprove XSS detection2019-04-22BlockBlock
Cloudflare Specials100136BImprove XSS detection2019-04-22BlockBlock
Cloudflare Specials100097GImprove SQLi blocking2019-04-22LogBlock
Cloudflare WordPressWP0034WordPress zero day XSS2019-04-22N/ABlock
Cloudflare Specials100010AImprove SQLi detection2019-04-22BlockBlock
Cloudflare PHPPHP100013Blocks PHP CGI attack by default2019-04-22LogBlock
Cloudflare Specials100150Block CVE-2019-108422019-04-22N/ABlock
Cloudflare Specials100142NoSQL Injection attack (array vector)2019-04-15LogBlock
Cloudflare Specials100135AImprove XSS event detection2019-04-08N/AN/A
Cloudflare Specials100135BImprove XSS event detection2019-04-08N/AN/A
Cloudflare Specials100135CImprove XSS event detection2019-04-08N/AN/A
Cloudflare Specials100030SVGImprove XSS event detection2019-04-08N/AN/A
Cloudflare Specials100021CImprove XSS event detection2019-04-08N/AN/A
Cloudflare Specials100021CEImprove XSS event detection2019-04-08N/AN/A
Cloudflare Specials100021CBImprove XSS event detection2019-04-08N/AN/A
Cloudflare Specials100021CDImprove XSS event detection2019-04-08N/AN/A
Cloudflare Specials100021CD2Improve XSS event detection2019-04-08N/AN/A
Cloudflare Specials100021CD3Improve XSS event detection2019-04-08N/AN/A
Cloudflare DrupalD0020BETAImprove blocking of SA-CORE-2019-0032019-04-08LogBlock
Cloudflare DrupalD0017Improve blocking of SA-CORE-2019-0032019-04-08LogBlock
Cloudflare DrupalD0017Improve blocking of SA-CORE-2019-0032019-04-08LogDeleted
Cloudflare DrupalD0018Improve blocking of SA-CORE-2019-0032019-04-08LogDeleted
Cloudflare DrupalD0019Improve blocking of SA-CORE-2019-0032019-04-08LogDeleted
Cloudflare DrupalD0021Improve blocking of SA-CORE-2019-0032019-04-08LogDeleted
Cloudflare Specials100127Improve blocking of SA-CORE-2019-0032019-04-08LogDeleted
Cloudflare Specials100128Improve blocking of SA-CORE-2019-0032019-04-08LogDeleted
Cloudflare Specials100135AImprove XSS detection using JavaScript URI2019-04-08N/ABlock
Cloudflare Specials100135BImprove XSS detection using JavaScript URI2019-04-08N/ALog
Cloudflare Specials100135CImprove XSS detection using JavaScript URI2019-04-08N/ABlock
Cloudflare Specials100123AImprove invalid UTF-8 detection2019-04-08N/ABlock
Cloudflare Specials100123BImprove invalid UTF-8 detection2019-04-08N/ALog
Cloudflare Specials100130Executable file upload attempt2019-04-08LogBlock
Cloudflare Specials100136AImprove XSS detection using JavaScript events2019-04-01N/ABlock
Cloudflare Specials100136BImprove XSS detection using JavaScript events2019-04-01N/ABlock
Cloudflare Specials100136CImprove XSS detection using JavaScript events2019-04-01N/ABlock
Cloudflare Specials100120BETA2Reduce 100120's false positives2019-04-01LogBlock
Cloudflare WordPressWP0032BETAReduce false positives for WP00322019-04-01LogBlock
Cloudflare Specials100122ARGSBlock use of stream wrappers in all arguments2019-04-01LogBlock
Cloudflare Specials100132Protection for Apache Tika Command Injection CVE-2018-13352019-04-01LogBlock
Cloudflare PHPPHP100006Improve PHP webshell attempt detection.2019-04-01LogBlock
Cloudflare Specials100005Merge LFI 100005_BETA into 100005. Mitigates CVE-2018-9126, CVE-2011-1892.2019-04-01BlockBlock
Cloudflare Specials100005USuperseded by 1000052019-04-01BlockBlock
Cloudflare Specials100005URSuperseded by 1000052019-04-01BlockBlock
Cloudflare Specials100134Ruby on Rails File Disclosure CVE-2019-54182019-04-01LogBlock
Cloudflare Specials100120BETAImprove 100120's coverage of SQLi2019-03-25LogBlock
Cloudflare Specials100130BExecutable file with fake extension upload attempt2019-03-25LogBlock
Cloudflare Specials100021CBImproves XSS event detection using alternate syntax \`, brackets, and parentheses.2019-03-18LogBlock
Cloudflare Specials100021AImprove XSS detection in Referer Header2019-03-18ChallengeBlock
Cloudflare Specials100030SVGImprove XSS event detection2019-03-18ChallengeBlock
Cloudflare Specials100021CImprove XSS event detection2019-03-18BlockBlock
Cloudflare Specials100021CEImprove XSS event detection2019-03-18BlockBlock
Cloudflare Specials100021CBImprove XSS event detection2019-03-18BlockBlock
Cloudflare Specials100122ARGS_GETBlock use of stream wrappers in GET arguments (RFI/RCE)2019-03-18LogBlock
Cloudflare Specials100125Block AngularJS Sandbox attacks2019-03-18LogBlock
Cloudflare Specials100021DImprove XSS detection2019-03-18ChallengeBlock
Cloudflare WordPressWP0031WordPress RCE - CVE-2019-8942, CVE-2019-89432019-03-11N/ABlock
Cloudflare Specials100021CBImprove XSS event detection2019-03-11ChallengeBlock
Cloudflare Specials100021CImprove XSS event detection2019-03-11BlockBlock
Cloudflare Specials100008EImprove SQLi probing2019-03-04BlockBlock
Cloudflare Specials100123UTF-8 Invalid Characters detection (URL)2019-03-04LogBlock
Cloudflare Specials100008EImprove SQLi probe detection2019-02-18N/ABlock
Cloudflare Specials100063_BETAReduce false positives for 1000632019-02-18LogBlock
Cloudflare Specials100021HImprove XSS2019-02-18LogBlock
Cloudflare Specials100021GDelete XSS rule2019-02-18BlockDeleted
Cloudflare Specials100124AUTF-8 Invalid Characters detection2019-02-11N/ADisable
Cloudflare Specials100124BUTF-8 Invalid Characters detection2019-02-11N/ADisable
Cloudflare Specials100008Moved rule out of BETA2019-02-08BlockBlock
Cloudflare Specials100011Block requests with null bytes2019-02-04N/ADisable
Cloudflare Specials100020Blocked SQLi with mysql comments2019-02-04LogBlock
Cloudflare Specials100120BBlocked SQLi with mysql comments2019-02-04LogBlock
Cloudflare Specials100120CBlocked SQLi with mysql comments2019-02-04N/ADisable
Cloudflare Specials100054Block CVE-2017-5638 RCE attempts2019-02-04LogBlock
Cloudflare Specials100009CReduce 100009C false positives2019-01-28BlockBlock
Cloudflare Specials100007Improved RCE detection2019-01-28BlockBlock
Cloudflare PHPPHP100012Detect CVE-2017-98412019-01-28N/ABlock
Cloudflare Specials100112BBlock requests with duplicated User-Agent headers2019-01-21N/ADisable
Cloudflare Specials100009JReduce 100009J false positives2019-01-21BlockBlock
Cloudflare Specials100114Improved XSS probing detection2019-01-21LogBlock
Cloudflare Specials100005Improved LFI detection2019-01-21LogBlock
Cloudflare DrupalD0015Drupal SA-CORE-2019-002 vulnerabilityEmergency, 2019-01-17N/ABlock
Cloudflare DrupalD0016Drupal SA-CORE-2019-002 vulnerabilityEmergency, 2019-01-17N/ALog
Cloudflare PHPPHP100011Improved PHP code injection detection in URI and headers2019-01-14LogBlock
Cloudflare Specials100121ARGS_GETUse of multiple percent-encoding level in URI arguments2019-01-07N/ADisable
Cloudflare Specials100121URIUse of multiple percent-encoding level in URI2019-01-07N/ADisable
Cloudflare Specials100021CD3XSS reflection with JavaScript events2019-01-02N/ADisable
Cloudflare Specials100068BImprove SQLi detection2019-01-02LogBlock
Cloudflare Specials100021_BETAImprove XSS detection2019-01-02LogChallenge