Managed Rules

The Cloudflare WAF includes pre-configured managed rulesets that you can deploy. These managed rulesets provide immediate protection against:

Zero-day vulnerabilities
Top-10 attack techniques
Use of stolen/leaked credentials
Extraction of sensitive data

The WAF’s managed rulesets are regularly updated. Each rule has a default action that varies according to the severity of the rule. You can adjust the behavior of specific rules, choosing from several possible actions.

Rules of managed rulesets have associated tags (such as wordpress) that allow you to search for a specific group of rules and configure them in bulk.

Rulesets

By default, Cloudflare offers the following rulesets:

Cloudflare Managed Ruleset
Cloudflare OWASP Core Ruleset
Cloudflare Exposed Credentials Check Managed Ruleset

Cloudflare Dashboard Discord Community Learning Center Support Portal

Cookie Settings