Historical (2024)
| Ruleset | Rule ID | Legacy Rule ID | Description | Change Date | Old Action | New Action |
|---|---|---|---|---|---|---|
| Cloudflare Specials | 100675 | Adobe ColdFusion - Auth Bypass - CVE:CVE-2023-38205 | 2024-10-21 | Log | Block | |
| Cloudflare Specials | 100676 | Palo Alto Networks - Auth Bypass - CVE:CVE-2024-5910 | 2024-10-21 | Log | Block | |
| Cloudflare Specials | 100677 | SolarWinds - Auth Bypass - CVE:CVE-2024-28987 | 2024-10-21 | Log | Block | |
| Cloudflare Specials | 100673 | GoAnywhere - Remote Code Execution - CVE:CVE-2023-0669 | 2024-10-14 | Log | Block | |
| Cloudflare Specials | 100669 | Apache HugeGraph-Server - Remote Code Execution - CVE:CVE-2024-27348 | 2024-10-07 | Log | Block | |
| Cloudflare Specials | 100672 | Ivanti Virtual Traffic Manager - Auth Bypass - CVE:CVE-2024-7593 | 2024-10-07 | Log | Block | |
| Cloudflare Specials | 100670 | Junos - Remote Code Execution - CVE:CVE-2023-36844 | 2024-10-07 | Log | Block | |
| Cloudflare Specials | 100671 | Microsoft SQL Server - Remote Code Execution - CVE:CVE-2020-0618 | 2024-10-07 | Log | Block | |
| Cloudflare Specials | 100581 | Joomla - Information Disclosure - CVE:CVE-2023-23752 | 2024-10-07 | Log | Block | |
| Cloudflare Specials | 100668 | Progress Software WhatsUp Gold - Information Disclosure - CVE:CVE-2024-6670 | 2024-10-01 | Log | Block | |
| Cloudflare Specials | N/A | Anomaly:Body - Large 2 | 2024-09-16 | N/A | Disabled | |
| Cloudflare Specials | 100526 | VMware vCenter - CVE:CVE-2022-22954, CVE:CVE-2022-22948 | 2024-09-03 | N/A | Block | |
| Cloudflare Specials | 100667 | Authentik - Auth Bypass - CVE:CVE-2024-42490 | Emergency, 2024-08-20 | N/A | Block | |
| Cloudflare Specials | 100666 | Apache OFBiz - Remote Code Execution - CVE:CVE-2024-32113 | 2024-08-19 | Log | Block | |
| Cloudflare Specials | 100665 | Zoho ManageEngine - Remote Code Execution - CVE:CVE-2023-29084 | 2024-08-19 | Log | Block | |
| Cloudflare Specials | 100664 | Automation Anywhere - SSRF - CVE:CVE-2024-6922 | 2024-08-05 | Log | Block | |
| Cloudflare Specials | 100663 | WSO2 - Dangerous File Upload - CVE:CVE-2022-29464 | 2024-08-05 | Log | Block | |
| Cloudflare Specials | 100662 | ServiceNow - Input Validation - CVE:CVE-2024-4879, CVE:CVE-2024-5178, CVE:CVE-2024-5217 | 2024-08-05 | Log | Block | |
| Cloudflare Specials | 100659 | Common Payloads for Server-side Template Injection - Base64 | 2024-07-29 | N/A | Disabled | |
| Cloudflare Specials | 100559A | Prototype Pollution - Common Payloads - Base64 | 2024-07-29 | N/A | Disabled | |
| Cloudflare Specials | 100660 | Server-side Includes - Common Payloads - Base64 | 2024-07-29 | N/A | Disabled | |
| Cloudflare Specials | 100661 | SQLi - Common Payloads - Base64 | 2024-07-29 | N/A | Disabled | |
| Cloudflare Specials | 100524 | Java - Remote Code Execution | 2024-07-29 | Block | Disabled | |
| Cloudflare Specials | 100524 | Java - Remote Code Execution | 2024-07-24 | Log | Block | |
| Cloudflare Specials | 100659 | Common Payloads for Server-side Template Injection | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100533A | Generic Payloads NoSQL Injection Base64 Beta | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100533A | Generic Payloads NoSQL Injection | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100644 | Generic Payloads XSS Base64 Beta | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100644 | Generic Payloads XSS | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100642 | LDAP Injection Base64 Beta | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100642 | LDAP Injection | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100559A | Prototype Pollution - Common Payloads | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100645 | Remote Code Execution - Generic Payloads | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100660 | Server-Side Includes - Common Payloads | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100661 | SQLi - Common Payloads | 2024-07-24 | N/A | Disabled | |
| Cloudflare Specials | 100658 | Apache OFBiz - SSRF - CVE:CVE-2023-50968 | 2024-07-17 | Log | Block | |
| Cloudflare Specials | 100657 | JEECG - Deserialization - CVE:CVE-2023-49442 | 2024-07-17 | Log | Block | |
| Cloudflare Specials | 100532 | Vulnerability scanner activity | 2024-07-17 | Log | Block | |
| Cloudflare Specials | 100654 | Telerik Report Server - Auth Bypass - CVE:CVE-2024-4358, CVE:CVE-2024-1800 | 2024-07-10 | Log | Block | |
| Cloudflare Specials | 100655 | Rejetto HTTP File Server - Remote Code Execution - CVE:CVE-2024-23692 | 2024-07-10 | Log | Block | |
| Cloudflare Specials | 100647 | pgAdmin - Remote Code Execution - CVE:CVE-2024-3116 | 2024-07-10 | Log | Block | |
| Cloudflare Specials | 100656 | MoveIT - Auth Bypass - CVE:CVE-2024-5806 | 2024-07-10 | Log | Block | |
| Cloudflare Specials | 100079A | Java - Deserialization - 2 | 2024-07-10 | Log | Block | |
| Cloudflare Specials | 100648 | Groovy - Remote Code Execution | 2024-07-10 | Log | Block | |
| Cloudflare Specials | 100700 | Apache SSRF vulnerability CVE-2021-40438 | 2024-07-10 | Log | Block | |
| Cloudflare Specials | 100652 | PHP CGI - Information Disclosure - CVE:CVE-2024-4577 | Emergency, 2024-06-18 | N/A | Block | |
| Cloudflare Specials | 100653 | Veeam Backup Enterprise Manager - Information Disclosure - CVE:CVE-2024-29849 | Emergency, 2024-06-18 | N/A | Block | |
| Cloudflare Specials | 100651 | Atlassian Confluence - Remote Code Execution - CVE:CVE-2024-21683 | Emergency, 2024-06-06 | N/A | Block | |
| Cloudflare Specials | 100650 | Check Point Security - Information Disclosure - CVE:CVE-2024-24919 | Emergency, 2024-05-30 | N/A | Block | |
| Cloudflare Specials | 100649 | FortiSIEM - Remote Code Execution - CVE:CVE-2024-23108, CVE:CVE-2023-34992 | Emergency, 2024-05-29 | N/A | Block | |
| Cloudflare Specials | N/A | Generic Payloads XSS Base64 2 Beta | 2024-05-21 | N/A | Disabled | |
| Cloudflare Specials | N/A | Generic Payloads NoSQL Injection Base64 Beta | 2024-05-14 | N/A | Disabled | |
| Cloudflare Specials | N/A | LDAP Injection Base64 Beta | 2024-05-14 | N/A | Disabled | |
| Cloudflare Specials | N/A | NoSQL - Injection Base64 2 Beta | 2024-05-14 | N/A | Disabled | |
| Cloudflare Specials | N/A | Generic Payloads XSS Base64 Beta | 2024-05-08 | N/A | Disabled | |
| Cloudflare Specials | 100532 | Vulnerability scanner activity | 2024-05-06 | N/A | Block | |
| Cloudflare Specials | 100533 | NoSQL - Injection | 2024-05-06 | N/A | Block | |
| Sensitive Data Disclosure (SDD) | N/A | Malaysian Phone Number | 2024-04-24 | N/A | Disabled | |
| Sensitive Data Disclosure (SDD) | N/A | Malaysia Identification Card Number | 2024-04-24 | N/A | Disabled | |
| Cloudflare Specials | N/A | Vulnerability scanner activity 3 Base64 Beta | 2024-04-24 | N/A | Disabled | |
| Cloudflare Specials | N/A | Default Windows User - Directory Traversal Base64 Beta | 2024-04-24 | N/A | Disabled | |
| Cloudflare Specials | N/A | Generic Payloads NoSQL Injection Base64 Beta | 2024-04-24 | N/A | Disabled | |
| Cloudflare Specials | N/A | NoSQL - Injection Base64 2 Beta | 2024-04-24 | N/A | Disabled | |
| Cloudflare Specials | N/A | LDAP Injection Base64 Beta | 2024-04-24 | N/A | Disabled | |
| Cloudflare Specials | 100645 | Remote Code Execution - Generic Payloads | 2024-04-22 | N/A | Disabled | |
| Cloudflare Specials | 100533A | Generic Payloads NoSQL Injection | 2024-04-22 | N/A | Disabled | |
| Cloudflare Specials | 100644 | Generic Payloads XSS | 2024-04-22 | N/A | Disabled | |
| Cloudflare Specials | 100007C_BETA | Command Injection - Common Attack Commands Beta Updated detection logic. | 2024-04-22 | N/A | Disabled | |
| Cloudflare Specials | 100643 | Default Windows User - Directory Traversal Updated detection logic. | 2024-04-22 | N/A | Disabled | |
| Cloudflare Specials | 100642 | LDAP Injection Updated detection logic. | 2024-04-22 | N/A | Disabled | |
| Cloudflare Specials | 100532C | Vulnerability scanner activity 3 Updated detection logic. | 2024-04-22 | N/A | Disabled | |
| Cloudflare Specials | 100007C | Command Injection - Common Attack Commands | Emergency, 2024-04-16 | N/A | Block | |
| Cloudflare Specials | 100045C | Anomaly:URL:Path - Multiple Slashes, Relative Paths, CR, LF or NULL 2 | 2024-04-15 | N/A | Disabled | |
| Cloudflare Specials | 100007C_BETA | Command Injection - Common Attack Commands Beta | 2024-04-15 | N/A | Disabled | |
| Cloudflare Specials | 100643 | Default Windows User - Directory Traversal | 2024-04-15 | N/A | Disabled | |
| Cloudflare Specials | 100088E | Generic XXE Attack | 2024-04-15 | N/A | Disabled | |
| Cloudflare Specials | 100088D | Generic XXE Attack 2 | 2024-04-15 | N/A | Disabled | |
| Cloudflare Specials | 100536A | GraphQL Introspection | 2024-04-15 | N/A | Disabled | |
| Cloudflare Specials | 100536B | GraphQL SSRF | 2024-04-15 | N/A | Disabled | |
| Cloudflare Specials | 100642 | LDAP Injection | 2024-04-15 | N/A | Disabled | |
| Cloudflare Specials | 100532C | Vulnerability scanner activity 3 | 2024-04-15 | N/A | Disabled | |
| Cloudflare Specials | 100632 | Nginx - File Inclusion | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100633 | PHP - File Inclusion | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100634 | Generic Database - File Inclusion | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100635 | Generic Log - File Inclusion | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100636 | Generic Webservers - File Inclusion | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100637 | Generic Home Directory - File Inclusion | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100638 | Generic System Process - File Inclusion | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100639 | Command Injection | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100640 | Generic System - File Inclusion | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100641 | Apache - File Inclusion | 2024-04-08 | N/A | Disabled | |
| Cloudflare Specials | 100629 | JetBrains TeamCity - Auth Bypass, Remote Code Execution - CVE:CVE-2024-27198, CVE:CVE-2024-27199 | 2024-03-18 | N/A | Block | |
| Cloudflare Specials | 100630 | Apache OFBiz - Auth Bypass, Remote Code Execution - CVE:CVE-2023-49070, CVE:CVE-2023-51467 | 2024-03-18 | N/A | Block | |
| Cloudflare Specials | 100627 | Wordpress:Plugin:Bricks Builder Theme - Command Injection - CVE:CVE-2024-25600 | 2024-03-11 | N/A | Block | |
| Cloudflare Specials | 100628 | ConnectWise - Auth Bypass | 2024-03-11 | N/A | Block | |
| Cloudflare Specials | 100135D | XSS - JS On Events | 2024-03-04 | N/A | Block | |
| Cloudflare Specials | 100546 | XSS - HTML Encoding | 2024-02-26 | N/A | Block | |
| Cloudflare Specials | 100622B, 100622C | Ivanti - Command Injection - CVE:CVE-2023-46805, CVE:CVE-2024-21887, CVE:CVE-2024-22024 | 2024-02-20 | N/A | Block | |
| Cloudflare Specials | N/A | Microsoft ASP.NET - Code Injection - Function response.write | 2024-02-20 | N/A | Block | |
| Cloudflare Specials | N/A | NoSQL, MongoDB - SQLi - Comparison | 2024-02-20 | N/A | Block | |
| Cloudflare Specials | N/A | NoSQL, MongoDB - SQLi - Expression | 2024-02-20 | N/A | Block | |
| Cloudflare Specials | N/A | PHP - Code Injection | 2024-02-20 | N/A | Disabled | |
| Cloudflare Specials | N/A | PHP, vBulletin, jQuery File Upload - Code Injection, Dangerous File Upload - CVE:CVE-2018-9206, CVE:CVE-2019-17132 | 2024-02-20 | N/A | Block | |
| Cloudflare Specials | 100625 | Jenkins - Information Disclosure - CVE:CVE-2024-23897 | 2024-02-12 | N/A | Block | |
| Cloudflare Specials | 100514 | Log4j Headers | 2024-02-12 | N/A | Block | |
| Cloudflare Specials | 100515B | Log4j Body Obfuscation | 2024-02-12 | N/A | Block | |
| Cloudflare Specials | 100624 | GoAnywhere - Auth Bypass - CVE:CVE-2024-0204 | 2024-02-05 | N/A | Block | |
| Cloudflare Specials | 100626,100626A | Anomaly:Header:Content-Type - Multiple | 2024-02-05 | N/A | Disabled | |
| Cloudflare Specials | N/A | AngularJS - XSS | 2024-02-05 | N/A | Block | |
| Cloudflare Specials | N/A | Apache HTTP Server - Server-Side Includes | 2024-02-05 | N/A | Disabled | |
| Cloudflare Specials | N/A | Command Injection - CVE:CVE-2014-6271 | 2024-02-05 | N/A | Block | |
| Cloudflare Specials | N/A | Command Injection - Nslookup | 2024-02-05 | N/A | Block | |
| Cloudflare Specials | N/A | Microsoft ASP.NET - Code Injection | 2024-02-05 | N/A | Disabled | |
| Cloudflare Specials | 100623 | Atlassian Confluence - Template Injection - CVE:CVE-2023-22527 | Emergency, 2024-01-22 | N/A | Block | |
| Cloudflare Specials | 100622 | Ivanti - Auth Bypass, Command Injection - CVE:CVE-2023-46805, CVE:CVE-2024-21887 | Emergency, 2024-01-17 | N/A | Block | |
| Cloudflare Specials | 100620 | Microsoft ASP.NET - Remote Code Execution - CVE:CVE-2023-35813 | 2024-01-16 | N/A | Block | |
| Cloudflare Specials | 100619 | Liferay - Remote Code Execution - CVE:CVE-2020-7961 | 2024-01-16 | N/A | Block | |
| Cloudflare Specials | 100618 | pfSense - Remote Code Execution - CVE:CVE-2023-42326 | 2024-01-16 | N/A | Block | |
| Cloudflare Specials | 100621 | Clerk - Auth Bypass | 2024-01-16 | N/A | Disabled | |
| Cloudflare Specials | 100612 | SnakeYAML - CVE:CVE-2022-1471 | 2024-01-04 | N/A | Block |