Historical (2023)
| Ruleset | Rule ID | Legacy Rule ID | Description | Change Date | Old Action | New Action |
|---|---|---|---|---|---|---|
| Cloudflare Specials | …1bc977d1 | N/A | DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892, CVE:CVE-2022-31474 | 2023-12-18 | N/A | Block |
| Cloudflare Specials | …bb6d4e13 | 100615 | Apache Struts - Remote Code Execution - CVE:CVE-2023-50164 | Emergency, 2023-12-14 | N/A | Block |
| Cloudflare Specials | …8ed2b1d9 | 100611 | WordPress:Plugin:WooCommerce - Unauthorized Administrator Access - CVE:CVE-2023-28121 | 2023-11-21 | N/A | Block |
| Cloudflare Specials | …c3b6a372 | 100593 | Adobe ColdFusion - Auth Bypass, Remote Code Execution - CVE:CVE-2023-29298, CVE:CVE-2023-38203, CVE:CVE-2023-26360 | 2023-11-21 | N/A | Block |
| Cloudflare Specials | …c54e7046 | 100614 | Atlassian Confluence - Code Injection - CVE:CVE-2023-22518 | Emergency, 2023-11-06 | N/A | Block |
| Cloudflare Specials | …d59a59db | 100609 | Keycloak - SSRF - CVE:CVE-2020-10770 | 2023-10-30 | N/A | Block |
| Cloudflare Specials | …3e3f706d | 100606 | JetBrains TeamCity - Auth Bypass, Remote Code Execution - CVE:CVE-2023-42793 | 2023-10-23 | N/A | Block |
| Cloudflare Specials | …469c4a38 | 100607 | Progress WS_FTP - Information Disclosure - CVE:CVE-2023-40044 | 2023-10-23 | N/A | Block |
| Cloudflare Specials | …7ccccdce | 100608 | Progress WS_FTP - Remote Code Execution - CVE:CVE-2023-40044 | 2023-10-23 | N/A | Block |
| Cloudflare Specials | …ec9f34e1 | 100604 | Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515. Also released for Cloudflare Free customers, with rule ID …91935fcb (updated detection logic). | Emergency, 2023-10-11 | N/A | Block |
| Cloudflare Specials | …ec9f34e1 | 100604,100605 | Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515. Also released for Cloudflare Free customers, with rule ID …91935fcb. | Emergency, 2023-10-04 | N/A | Block |
| Cloudflare Specials | …34780914 | 100532 | Vulnerability scanner activity | 2023-10-02 | N/A | Block |
| Cloudflare Specials | …066c0c9a | 100602 | Code Injection - CVE:CVE-2023-36845 | Emergency, 2023-09-22 | N/A | Block |
| Cloudflare Specials | …0746d000 | 100603 | Information Disclosure - CVE:CVE-2023-28432 | Emergency, 2023-09-22 | N/A | Block |
| Cloudflare Specials | …25ba9d7c | N/A | SSRF Cloud | 2023-09-18 | N/A | Disabled |
| Cloudflare Specials | …c5f041ac | 100597 | Information Disclosure - Path Normalization | 2023-09-04 | Log | Block |
| Cloudflare Specials | …50cec478 | 100598 | Remote Code Execution - Common Bash Bypass | 2023-09-04 | Log | Block |
| Cloudflare Specials | …ec5b0d04 | 100599 | Ivanti - Auth Bypass - CVE:CVE-2023-38035 | 2023-09-04 | Log | Block |
| Cloudflare Specials | …6912c055 | 100601 | Malware - Polymorphic Encoder | 2023-09-04 | Log | Block |
| Cloudflare Specials | …8242627b | 100146B | SSRF Local BETA | 2023-09-04 | Log | Disabled |
| Cloudflare Specials | …84dadf5a | 100595 | MobileIron - Auth Bypass - CVE:CVE-2023-35082 | 2023-08-21 | Log | Block |
| Cloudflare Specials | …48a60154 | N/A | SQLi - Keyword + SubExpress + Comment + BETA | 2023-08-21 | N/A | Disabled |
| Cloudflare Specials | …cac42ce2 | 100596 | Citrix Content Collaboration ShareFile - Remote Code Execution - CVE:CVE-2023-24489 | Emergency, 2023-08-17 | N/A | Block |
| Cloudflare Specials | …c3b6a372 | 100593 | Adobe ColdFusion - Auth Bypass, Remote Code Execution - CVE:CVE-2023-29298, CVE:CVE-2023-38203, CVE:CVE-2023-26360 | 2023-08-07 | N/A | Block |
| Cloudflare Specials | …63d65c25 | 100594 | Citrix Netscaler ADC - Remote Code Execution - CVE:CVE-2023-3519 | 2023-08-07 | Log | Block |
| Cloudflare Specials | …63d65c25 | 100594 | Citrix Netscaler ADC - Remote Code Execution - CVE:CVE-2023-3519 | Emergency, 2023-08-01 | N/A | Log |
| Cloudflare Specials | …777f5c34 | 100590 | Fortigate VPN - Remote Code Execution - CVE:CVE-2023-27997 | 2023-07-31 | N/A | Block |
| Cloudflare Specials | …0bd669ca | 100592 | Code Injection - Generic | 2023-07-31 | N/A | Block |
| OWASP Rules | …af347fde | N/A | 944100: Remote Command Execution: Suspicious Java class detected | 2023-07-10 | N/A | Block |
| OWASP Rules | …9fae472b | N/A | 944110: Remote Command Execution: Java process spawn (CVE-2017-9805) | 2023-07-10 | N/A | Block |
| OWASP Rules | …5ab75703 | N/A | 944120: Remote Command Execution: Java serialization (CVE-2015-4852) | 2023-07-10 | N/A | Block |
| OWASP Rules | …73cd4e53 | N/A | 944210: Magic bytes Detected Base64 Encoded, probable Java serialization in use | 2023-07-10 | N/A | Block |
| OWASP Rules | …e068f5d3 | N/A | 944300: Base64 encoded string matched suspicious keyword | 2023-07-10 | N/A | Block |
| Cloudflare Specials | …6f9bfc13 | 100590 | VMware - Remote Code Execution - CVE:CVE-2023-20887 | 2023-07-05 | N/A | Block |
| Cloudflare Specials | …fb982fd6 | 100008G | SQLi - Libinject with Body Inspection | 2023-07-05 | N/A | Disabled |
| Cloudflare Specials | …7bc0259f | 100008NS | Command Injection - Netcat - Body | 2023-07-05 | N/A | Disabled |
| Cloudflare Specials | …8559ddfa | 100589 | File Inclusion - WEB-INF | 2023-06-19 | N/A | Block |
| Cloudflare Specials | …269024be | 100587 | Code Injection - CVE:CVE-2019-18889 | 2023-06-19 | N/A | Block |
| Cloudflare Specials | …6f9bfc13 | 100590 | VMware - Remote Code Execution - CVE:CVE-2023-20887 | Emergency, 2023-06-14 | N/A | Block |
| Cloudflare Specials | …269024be | 100587 | Code Injection - CVE:CVE-2022-23529 | 2023-06-12 | N/A | Block |
| Cloudflare Specials | …3ff033f6 | 100588 | MoveIT - SSRF | Emergency, 2023-06-09 | N/A | Block |
| Cloudflare Specials | …dae05f0a | 100583 | Sophos - Code Injection - CVE:CVE-2023-1671 | 2023-05-22 | N/A | Block |
| Cloudflare Specials | …dd1b7502 | 100584 | Oracle Opera - Code Injection - CVE:CVE-2023-21932 | 2023-05-22 | N/A | Disabled |
| Cloudflare Specials | …18585d20 | 100582 | vBulletin - Code Injection - CVE:CVE-2023-25135 | 2023-05-02 | N/A | Block |
| Cloudflare Specials | …49e6b538 | 100534 | Webshell Activity | 2023-05-02 | N/A | Block |
| Cloudflare Specials | …8b036974 | 100558 | Malware, Web Shell | 2023-05-02 | N/A | Log |
| Cloudflare Specials | …dfc9b843 | 100580 | XSS - Error handling | 2023-04-11 | N/A | Block |
| Cloudflare Specials | …2f26b3a7 | 100581 | Joomla - Information Disclosure - CVE:CVE-2023-23752 | 2023-04-11 | N/A | Block |
| Cloudflare Specials | …602dabe0 | N/A | XSS - JavaScript Events | 2023-04-11 | N/A | Block |
| Cloudflare Specials | N/A | 100546 | XSS - HTML Encoding | 2023-04-11 | N/A | Block |
| Cloudflare Specials | …a47c4be6 | 100577 | Apache Spark - Remote Code Execution - CVE:CVE-2022-33891 | 2023-03-20 | N/A | Block |
| Cloudflare Specials | …54d00d2f | 100578 | GLPI - Remote Code Execution - CVE:CVE-2022-35914 | 2023-03-20 | N/A | Block |
| Cloudflare Specials | …fb4c6991 | 100579 | GitLab - Remote Code Execution - CVE:CVE-2021-22205 | 2023-03-20 | N/A | Block |
| Cloudflare Specials | …ad679b95 | 100575 | ZK Framework - Information Disclosure - CVE:CVE-2022-36537 | 2023-03-13 | N/A | Block |
| Cloudflare Specials | …f2cc4e84 | 100524 | Java - Remote Code Execution | 2023-03-06 | N/A | Block |
| Cloudflare Specials | …30d612c4 | 100572 | Java - Remote Code Execution - URL | 2023-03-06 | N/A | Block |
| Cloudflare Specials | …9497744a | 100570 | FortiNAC - Remote Code Execution - CVE:CVE-2022-39952 | 2023-03-06 | N/A | Block |
| Cloudflare Specials | …5d38ed42 | 100564 | Oracle E-Business Suite - Remote Code Execution - CVE:CVE-2022-21587 | 2023-02-27 | N/A | Block |
| Cloudflare Specials | …d7e78753 | 100566 | Ruby on Rails - Remote Code Execution | 2023-02-27 | N/A | Block |
| Cloudflare Specials | …72612a5b | 100568 | Cacti - Remote Code Execution - CVE:CVE-2022-46169 | 2023-02-27 | N/A | Block |
| Cloudflare Specials | …a6fda143 | 100563 | Template Injection | 2023-02-13 | N/A | Block |
| Cloudflare Specials | …b090ba9a | 100303 | Command Injection - Nslookup | 2023-02-13 | N/A | Block |
| Cloudflare Specials | …0550c529 | 100016 | Version Control - Information Disclosure | 2023-02-13 | N/A | Block |
| Cloudflare Specials | …d3cdd6ac | 100561 | Remote Code Execution - Double Extension | 2023-02-13 | N/A | Block |
| Cloudflare Specials | …f2cc4e84 | 100524 | Java - Remote Code Execution | 2023-02-06 | N/A | Block |
| Cloudflare Specials | …1b4e622e | 100560 | Microsoft Exchange - Broken Authentication - CVE:CVE-2021-33766 | 2023-02-06 | N/A | Block |
| Cloudflare Specials | …de5e2367 | N/A | XSS - JavaScript Events | 2023-01-30 | N/A | Block |
| Cloudflare Specials | …4c2e80c3 | 100557 | Code Injection - JavaScript | 2023-01-30 | N/A | Block |
| Cloudflare Specials | …65414846 | 100559 | Prototype pollution Attack, Headers | 2023-01-30 | N/A | Block |
| Cloudflare OWASP | …fc25d2f1f | N/A | Rollback Cloudflare OWASP to version 3.3.3 from 3.3.4 | 2023-01-24 | N/A | N/A |
| Cloudflare Specials | …8b036974 | 100558 | Malware, Web Shell | 2023-01-16 | N/A | Log |
| Cloudflare Specials | N/A | 100135C | XSS - JavaScript Events | 2023-01-16 | N/A | Block |
| Cloudflare OWASP | …fc25d2f1f | N/A | Upgrading Cloudflare OWASP to version 3.3.4 | 2023-01-16 | N/A | N/A |
| Cloudflare Specials | …b604fb62 | 100551B | Microsoft Exchange SSRF and RCE vulnerability 2 - CVE:CVE-2022-41040, CVE:CVE-2022-41082 | 2023-01-09 | N/A | Block |