Cloudflare Docs
WAF
Edit this page on GitHub
Set theme to dark (⇧+D)

Deploy a managed ruleset in the dashboard for a zone

You can deploy and configure managed rulesets for a zone in Security > WAF > Managed rules.

To deploy a managed ruleset for several Enterprise domains in your account, refer to Deploy a managed ruleset in the dashboard for an account.

Example WAF Managed Rules configuration in the Managed rules tab under Security > WAF. There are two managed rulesets already deployed, and one managed ruleset available for deployment.

​​ Deploy a managed ruleset

To deploy a managed ruleset with the default configuration:

  1. Log in to the Cloudflare dashboard, and select your account and domain.

  2. Go to Security > WAF > Managed rules.

  3. Under Managed Rulesets, select Deploy next to a managed ruleset.

This operation will deploy the managed ruleset for the current zone, creating a new rule with the Execute action.

​​ Enable or disable a managed ruleset

Select the Enabled toggle next to a managed ruleset to enable or disable it.

​​ Configure a managed ruleset

Configure a managed ruleset to:

  • Define specific field values for one or more rules (for example, configure a rule with an action different from the action configured by Cloudflare).
  • Disable one or more rules.
  • Specify a custom filter expression to apply the rules in the ruleset to a subset of incoming requests.

To skip one or more rules, or entire WAF managed rulesets, add an exception.

​​ Configure field values for all the rules

To configure rule field values for all the rules in a managed ruleset:

  1. Log in to the Cloudflare dashboard, and select your account and domain.

  2. Go to Security > WAF > Managed rules.

  3. Next to the Execute rule that deploys the managed ruleset you want to configure, select the managed ruleset name.

  4. Under Ruleset configuration, set one or more rule fields from the available values in the drop-down lists.

    For example, select the action to perform for all the rules in the ruleset from the Ruleset action drop-down list.

    The Configure Managed Ruleset page displaying the available options to override all the rules in the ruleset. In the displayed managed ruleset you can override the ruleset action.
  5. (Optional) To apply the rules in the ruleset to a subset of incoming requests instead of all requests, set the scope using a custom filter expression.

  6. Select Save.

​​ View the rules of a managed ruleset

You can browse the available rules in a managed ruleset and search for individual rules or tags.

Use the available filters in the Browse Managed Ruleset interface.

To view the rules of a managed ruleset:

  1. Log in to the Cloudflare dashboard, and select your account and domain.

  2. Go to Security > WAF > Managed rules.

  3. Next to the Execute rule that deploys the managed ruleset you want to browse, select the managed ruleset name.

  4. Select Browse rules.

    The Browse rules page displaying the list of rules in the Cloudflare Managed Ruleset

​​ Configure a single rule in a managed ruleset

To configure a rule in the Browse Managed Ruleset interface:

  1. Search for a rule using the available filters. You can search for tags.

  2. Find the rule you want to configure in the results list.

  3. In the result line for the rule you want to change, select the desired value for a field in the displayed drop-down lists. For example, select the rule action in the Action dropdown.

    In some managed rulesets, you can also change the status of a rule using the toggle next to the rule.

    The Browse rules page displaying the list of rules in the Cloudflare Managed Ruleset. In this interface you can override the behavior of specific rules.
  4. Select Next, and then select Save.

​​ Configure rules in bulk in a managed ruleset

To configure several rules at once in the Browse Managed Ruleset interface:

  1. Enter search terms in the available input to find the rules you want to configure. You can search for tags.

    Example of filtering rules by the wordpress tag in the Browse rules page
  2. In the results list, select the checkboxes for all the rules you want to configure.

    Alternatively, select a tag name under the search input to filter the rules with that tag, and then select the checkboxes for the rules you want to configure.

  3. Update one or more fields for the selected rules using the drop-down lists displayed in the top right corner of the table.

    Selecting all rules in a page displays additional drop-down lists above the table to override the behavior of several rules at once.
  4. Select Next.

  5. If you selected a tag, a dialog appears asking you if any new rules with the selected tag should be configured with the field values you selected.

    • Select Do not apply to new rules to apply your configurations to the selected rules only.
    • Select Apply to new rules if you want to apply your configurations to any new rules with the select tag.
  6. Select Save.

​​ Specify a custom expression for the ruleset

To apply the rules in the ruleset to a subset of incoming requests, specify a custom filter expression for the rule that executes the managed ruleset.

  1. Log in to the Cloudflare dashboard, and select your account and domain.

  2. Go to Security > WAF > Managed rules.

  3. Next to the Execute rule that deploys the managed ruleset, select the managed ruleset name.

  4. Select Edit scope.

  5. Under Set Scope, select Custom filter expression.

  6. Under When incoming requests match, define the scope for all the rules in the ruleset using a custom filter expression. Use the Expression Builder or the Expression Editor for defining the expression. For more information, refer to Edit expressions in the dashboard.

  7. Select Next, and then select Save.