Skip to content
Cloudflare Docs

Adjust the sensitivity of an HTTP DDoS rule to Low

Follow the steps below to override the sensitivity of a specific rule of the Cloudflare HTTP DDoS Attack Protection managed ruleset.

  1. Add a rule to a phase to deploy the Cloudflare HTTP DDoS Attack Protection managed ruleset. You only need to deploy this specific ruleset when you wish to define one or more overrides, since it is enabled by default.
  2. Configure a rule override that sets the sensitivity_level of a specific rule.

The following example uses the Update a zone entry point ruleset operation to execute the two steps in a single PUT request.

  • Set the rules in the ddos_l7 phase entry point ruleset to a single rule that executes the Cloudflare HTTP DDoS Attack Protection managed ruleset (with ID <HTTP_DDOS_RULESET_ID>).
  • Create an override for the rule with ID <RULE_ID> and set the rule sensitivity to low. All other rules use the default sensitivity defined by Cloudflare.

Example: Use an override to set the sensitivity of an HTTP DDoS rule at the zone level

Required API token permissions

 At least one of the following token permissions is required:
  • Response Compression Write
  • Config Settings Write
  • Dynamic URL Redirects Write
  • Cache Settings Write
  • Custom Errors Write
  • Origin Write
  • Managed headers Write
  • Zone Transform Rules Write
  • Mass URL Redirects Write
  • Magic Firewall Write
  • L4 DDoS Managed Ruleset Write
  • HTTP DDoS Managed Ruleset Write
  • Sanitize Write
  • Transform Rules Write
  • Select Configuration Write
  • Bot Management Write
  • Zone WAF Write
  • Account WAF Write
  • Account Rulesets Write
  • Logs Write
  • Logs Write
Update a zone entry point ruleset
curl https://api.cloudflare.com/client/v4/zones/$ZONE_ID/rulesets/phases/ddos_l7/entrypoint \
  --request PUT \
  --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
  --json '{
    "rules": [
        {
            "action": "execute",
            "expression": "true",
            "action_parameters": {
                "id": "<HTTP_DDOS_RULESET_ID>",
                "overrides": {
                    "rules": [
                        {
                            "id": "<RULE_ID>",
                            "sensitivity_level": "low"
                        }
                    ]
                }
            }
        }
    ]
  }'