CD
Cloudflare Developers3mo ago
ChancellorEgg

WAF Security and Rules

Hello There I am noob to using Cloudflares security options So this may be a stupid question. I have been using Cloudflare for sometime to manage my domains but am now venturing into the security products offered. How do I go about setting up custom WAF rules to prevent cross-site scripting and SQL injection on my Domain and project that use Cloudflare Pages? Any assistance would be greatly appreciated.
3 Replies
Chaika
Chaika3mo ago
Hey, Pro or higher comes with Managed Rulesets including OWASP Core and Cloudflare's Custom, which include a bunch of rules targeting xss/sql injection/etc
No description
Chaika
Chaika3mo ago
Free websites have a free ruleset which contain a few high risk vulnerabilities but nothing that could false positive, and that's on always by default/no config
ChancellorEgg
ChancellorEgg3mo ago
Ah I see. Thank you for the reply. So for context I'm going more into the web dev side of things. Plan for now is to start with smaller sites then build. About what size / security risk does it warrant convincing clients to consider paying for the Pro. Obviosuly one should pay for secruity but country I live in is economically in the dumps so people always looking to safe money
Want results from more Discord servers?
Add your server
More Posts
Turnstile setting secret via envHello i have question about this i have turnstile and want to set the secret via context.env and thiGetting cf worker timeouts on userAgents that end in Safari/537.36 or FB In app browsers.Hello all. I've been logging the behaviour of my CF worker and some requests end up timing out (I haUsing polyfills in Workers for ESNext featuresI wanted to know if there's a way to use polyfills in workers for ESNext features, specifically, thesuper sick, would love to hear somesuper sick, would love to hear some detailsIs there way to avoid having Workers run from EU- or Canada-based datacenters?Hello there, I want to use CF Workers to send API requests to Google Gemini which is not available How to get keywords that people used at the search engines when entered my website?for example at the UI u can see the keyword that the user used in Google for example that through iti want help with port forwarding and domain linkingi have installed pterodactyl panel and i have to make it like work with my domain which i have purchbot not coming onlinemy bot goes offline and does not responds to commands after i close vs code... i have hosted it on c