Had a question to see if CloudFlare has a detection mode to where I can see requests and potential attacks hitting the site without a particular service being in a protection mode, similar to Azure’s WAF ability. For example, I am a little hesitant by enabling the web application firewall since it has the potential to be disruptive to our web services. Is there a way to have this in a detection mode so it won’t block the attacks, but will alert / notify me so I can see if there is a specific feature within the WAF settings to enable… such as cross site scripting blocks.

I would also like to know if this also applies to DDOS based attacks. I see these are enabled by default when you orange cloud your URL, but can these be put into detection mode as well?

image1381×693 50.5 KB

Any assistance is much appreciated!
Thanks,

Hi @kjs00333,

For the WAF, there is a ‘simulate’ action, which should log any events in the forewall event log, but not actually cause any disruption to your visitors.

I don’t think the same can be applied for DDoS attacks, which should be automatically blocked/challenged.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.