Cloudflare Docs
WAF
Edit this page on GitHub
Set theme to dark (⇧+D)

Historical - 2018

RulesetRule IDDescriptionChange DateOld ActionNew Action
Cloudflare Specials100016_BETAImproved sensitive directories access2018-12-11LogBlock
Cloudflare Specials100035U_BETAImproved Baidu bot detection2018-12-06LogBlock
Cloudflare Specials100026_BETAImproved PHP injection detection2018-12-06LogBlock
Cloudflare Specials100118Improved SQLi detection2018-11-19LogBlock
Cloudflare Specials100116For CVE-2018-9206, vulnerable jQuery File Uploader2018-11-19LogBlock
Cloudflare Specials100117For CVE-2018-9206, vulnerable jQuery File Uploader2018-11-19LogBlock
Cloudflare Specials100008_BETAImproved SQLi detection2018-11-12LogBlock
Cloudflare Specials100114XSS probing detection2018-11-12LogBlock
Cloudflare Specials100097libinjection based SQLi detection rule2018-10-29N/ADisable
Cloudflare Specials100097Flibinjection based SQLi detection rule2018-10-29LogBlock
Cloudflare Specials100070Block requests with invalid x-forwarded-for headers2018-10-22LogBlock
Cloudflare Specials100107Improved XSS Probing detection2018-10-22LogBlock
Cloudflare Specials100111Detect large numbers of GET parameters in requests2018-10-22LogBlock
Cloudflare Specials100109Detect large numbers of GET parameters in requests2018-10-22LogBlock
Cloudflare Specials100109BDetect large numbers of GET parameters in requests2018-10-22LogLog
Cloudflare Specials100110Detect large numbers of GET parameters in requests2018-10-22DisableDisable
Cloudflare Specials100112Block requests with duplicated headers2018-10-15N/ADisable
Cloudflare WordPressWP0020WP allowlist2018-10-08AllowAllow
Cloudflare WordPressWP0004WP allowlist2018-10-08AllowAllow
Cloudflare Specials100088B_BETAImproved XXE detection2018-10-08LogBlock
Cloudflare Specials100030Improved XSS Probing detection2018-10-08ChallengeBlock
Cloudflare Specials100021BImproved XSS Probing detection2018-10-08BlockBlock
Cloudflare Specials100030_BETAImproved XSS Probing detection2018-10-08LogBlock
Cloudflare Specials100008CW_BETAImproved SQLi sleep probing2018-10-01LogBlock
Cloudflare Specials100106Improved SQLi detection2018-10-01LogBlock
Cloudflare Specials100009J_BETAImproved SQLi detection2018-10-01LogBlock
Cloudflare Specials100009CBImproved SQLi detection2018-09-24LogBlock
Cloudflare Specials100102Rules to stop file read and deletion vulnerabilities in Ghostscript2018-09-24LogBlock
Cloudflare Specials100103Rules to stop file read and deletion vulnerabilities in Ghostscript2018-09-24LogBlock
Cloudflare OWASP950907Additional OWASP rules can be disabled in UI2018-09-24N/AN/A
Cloudflare OWASP950008Additional OWASP rules can be disabled in UI2018-09-24N/AN/A
Cloudflare OWASP950010Additional OWASP rules can be disabled in UI2018-09-24N/AN/A
Cloudflare OWASP950011Additional OWASP rules can be disabled in UI2018-09-24N/AN/A
Cloudflare OWASP960008Additional OWASP rules can be disabled in UI2018-09-24N/AN/A
Cloudflare OWASP960015Additional OWASP rules can be disabled in UI2018-09-24N/AN/A
Cloudflare OWASP960009Additional OWASP rules can be disabled in UI2018-09-24N/AN/A
Cloudflare Specials100009C_BETAImproved SQLi detection2018-09-17LogDeleted
Cloudflare Specials100101Vulnerability in GhostscriptEmergency, 2018-09-12N/ABlock
Cloudflare Specials100021CEImproved XSS Detection2018-09-10BlockBlock
Cloudflare Specials100088BImproved XXE Detection2018-09-10LogBlock
Cloudflare Specials100091BImproved XSS Detection2018-09-10N/ABlock
Cloudflare Specials100038Blocks requests to /server_status, which gives away information on how a server works.2018-09-06LogBlock
Cloudflare PlonePLONE0002Update rule regex2018-08-28BlockBlock
Cloudflare Specials100021CE_BETAImproved XSS Detection2018-08-28LogBlock
Cloudflare Specials100030SVG_BETAImproved XSS Detection2018-08-28LogBlock
Cloudflare Specials100090Improved XSS Detection2018-08-28LogBlock
Cloudflare Specials100091Improved XSS Detection2018-08-28LogBlock
Cloudflare Specials100092Improved XSS Detection2018-08-28LogBlock
Cloudflare Specials100093Improved XSS Detection2018-08-28LogLog
Cloudflare Specials100063Reduction in false positives2018-08-13BlockBlock
Cloudflare Specials100035CImproved detection of fake google botsEmergency, 2018-08-13N/ABlock
Cloudflare Specials100095Rules to block cache poisoning attacksEmergency, 2018-08-13N/ABlock
Cloudflare Specials100095BRules to block cache poisoning attacksEmergency, 2018-08-13N/ABlock
Cloudflare WordPressWP0003Disable login2018-08-13AllowAllow
Cloudflare WordPressWP0025BReduce the false positives WP0025B caused in the Gutenberg WordPress editor.2018-08-08BlockBlock
Cloudflare WordPressWP0025DReduce the false positives WP0025B caused in the Gutenberg WordPress editor.2018-08-08BlockBlock
Cloudflare DrupalD0006Attempt to address SA-CORE-2018-005 by matching certain headers.Emergency, 2018-08-03N/ABlock
Cloudflare DrupalD0007Attempt to address SA-CORE-2018-005 by matching certain headers.Emergency, 2018-08-03N/ABlock
Cloudflare DrupalD0008Attempt to address SA-CORE-2018-005 by matching certain headers.Emergency, 2018-08-03N/ADisable
Cloudflare DrupalD0009Attempt to address SA-CORE-2018-005 by matching certain headers.Emergency, 2018-08-03N/ADisable
Cloudflare DrupalD0010Attempt to address SA-CORE-2018-005 by matching certain headers.Emergency, 2018-08-03N/ADisable
Cloudflare DrupalD0011Attempt to address SA-CORE-2018-005 by matching certain headers.Emergency, 2018-08-03N/ADisable
Cloudflare DrupalD0012Attempt to address SA-CORE-2018-005 by matching certain headers.Emergency, 2018-08-03N/ADisable
Cloudflare DrupalD0013Attempt to address SA-CORE-2018-005 by matching certain headers.Emergency, 2018-08-03N/ABlock
Cloudflare DrupalD0014Attempt to address SA-CORE-2018-005 by matching certain headers.Emergency, 2018-08-03N/ABlock
Cloudflare Specials100089Improved SQLi detection2018-07-30LogBlock