Configure HTTP DDoS Attack Protection in the dashboard
Configure the HTTP DDoS Attack Protection managed ruleset by defining overrides in the Cloudflare dashboard. DDoS overrides allow you to customize the action and sensitivity of one or more rules in the managed ruleset.
For more information on the available parameters and allowed values, refer to Ruleset parameters.
Create a DDoS override
-
Log in to the Cloudflare dashboard, and select your account and website.
-
Go to Security > DDoS.
-
Next to HTTP DDoS attack protection, select Deploy a DDoS override.
-
Enter a descriptive name for the override in Override name.
-
If you are an Enterprise customer with the Advanced DDoS Protection subscription:
- Under Override scope, review the scope of the override — by default, all incoming requests for the current zone.
- If necessary, select Edit scope and configure the custom filter expression that will determine the override scope.
-
Depending on what you wish to override, refer to the following sections (you can perform both configurations on the same override):
Configure all the rules in the ruleset (ruleset override)
- To always apply a given action for all the rules in the ruleset, select an action in Ruleset action.
- To set the sensitivity level for all the rules in the ruleset, select a value in Ruleset sensitivity.
Configure one or more rules
-
Under Rule configuration, select Browse rules.
-
Search for the rules you wish to configure using the available filters. You can search by tag (also known as category).
-
To configure a single rule, select the desired value for a field in the displayed dropdowns next to the rule.
To configure more than one rule, select the rules using the row checkboxes and update the fields for the selected rules using the dropdowns displayed before the table. You can also configure all the rules with a given tag. For more information, refer to Configure rules in bulk in a managed ruleset.
-
Select Next.
-
Select Save.
Delete a DDoS override
- Log in to the Cloudflare dashboard, and select your account and website.
- Go to Security > DDoS.
- Next to the DDoS override you wish to delete, select Delete.
- Select Delete to confirm the operation.