Managed Rulesets

Hi,
Reading the documentation, I see that Cloudflare recommends enabling “Managed Rulesets” in WAF.
Do you recommend activating these 3 rules?

  • Cloudflare Leaked Credentials Check
  • Cloudflare Managed Ruleset
  • Cloudflare OWASP Core Ruleset

Why aren’t they enabled as standard?

Is there an impact on my traffic to activate these 3 rules?

THANKS

Hi,

They aren’t enabled because each site is different, and yes, they may and should have an impact on your visitors, by blocking unwanted malicious requests. False positives may occur, and so you should enable them and monitor your Security Events log and adjust accordingly. You can create WAF Exceptions for specific rules or even for a whole ruleset based on specific criteria you define (for instance, skip a protection against uploads if the IP address matches yours.)

I’m not sure which documentation you’ve read, since Cloudflare documentation is being rewritten, but here’s a link with a description of each of the Managed Rulesets and what they do.
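The enable, monitor and adjust loop from the reply above, as an added example that is not part of the original thread and is not Cloudflare tooling: it scans exported Security Events for rules that blocked your own IP and builds a narrowly scoped exception expression. The event field names, rule IDs and IP addresses are constructed assumptions; only the expression fields `ip.src` and `http.request.uri.path` come from Cloudflare's rules language.

```python
from collections import defaultdict

# Assumption: your own admin/office IP (documentation address range).
TRUSTED_IPS = {"203.0.113.10"}

# Constructed sample events; field names and rule IDs are hypothetical.
EVENTS = [
    {"rule_id": "rule-upload", "action": "block", "client_ip": "203.0.113.10", "path": "/admin/upload"},
    {"rule_id": "rule-upload", "action": "block", "client_ip": "203.0.113.10", "path": "/admin/upload"},
    {"rule_id": "rule-upload", "action": "block", "client_ip": "198.51.100.7", "path": "/admin/upload"},
    {"rule_id": "rule-sqli", "action": "block", "client_ip": "198.51.100.7", "path": "/search"},
    {"rule_id": "rule-sqli", "action": "block", "client_ip": "198.51.100.9", "path": "/search"},
    {"rule_id": "rule-xss", "action": "log", "client_ip": "203.0.113.10", "path": "/blog"},
]

def exception_candidates(events, trusted_ips, min_hits=2):
    """Return rules that blocked or challenged a trusted IP at least min_hits times."""
    hits = defaultdict(lambda: {"ips": set(), "paths": set(), "count": 0})
    for ev in events:
        if ev["action"] not in ("block", "managed_challenge"):
            continue  # log-only matches did not affect the visitor
        if ev["client_ip"] not in trusted_ips:
            continue  # blocking unknown IPs is the ruleset doing its job
        entry = hits[ev["rule_id"]]
        entry["ips"].add(ev["client_ip"])
        entry["paths"].add(ev["path"])
        entry["count"] += 1
    return {rid: e for rid, e in hits.items() if e["count"] >= min_hits}

def exception_expression(candidate):
    """Scope the exception to the exact IPs and paths seen, never site-wide."""
    ips = " ".join(sorted(candidate["ips"]))
    paths = " ".join(f'"{p}"' for p in sorted(candidate["paths"]))
    return f"(ip.src in {{{ips}}} and http.request.uri.path in {{{paths}}})"

if __name__ == "__main__":
    for rule_id, cand in exception_candidates(EVENTS, TRUSTED_IPS).items():
        print(rule_id, cand["count"], exception_expression(cand))
```

The resulting expression is what you would paste into a WAF exception that skips only the listed rule, so every other visitor stays covered by it.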

Does that mean that when we activate a site only the DDoS protection is active?
That’s not what their sales department told me.

Almost any security (or even performance) feature available to millions of Cloudflare users could potentially negatively impact an individual website. That’s why there are few default settings enabled right after proxying a site through Cloudflare. You should definitely review the several security features and see which make sense for your website or app.

Hi @milirose I will drop you a private message, I am curious who in our sales team you were speaking with.


Hi @cloonan
I had 2 different people before creating my account at Cloudflare. I called +33 1 73 01 52 44 and asked for the “sales” service.
They both told me that creating my account (and of course using your DNS in Proxy mode) was enough to have basic good protection: DDoS + identification of suspicious IP addresses, etc.

So, is it true? Or do I have to activate these protections myself?


Thank you

That is true, but you do need to make some decisions on settings based on your situation. Some of those decisions require you to look at the traffic you are getting and determine where & when you need to make specific security settings to ensure your site remains safe.


Hi,
Excuse me for insisting but I’m a little lost.

Regarding security (and only this point), can you tell me exactly what is activated by default when you activate Proxy mode on a website?
Thanks

At least tell me, unambiguously, whether the identification of suspicious and/or fraudulent IPs and the protection are indeed activated as soon as the account is created, without activating anything specific?

When you proxy a domain via Cloudflare, the Security Level is set by default at Medium. You can then increase it to High or I’m Under Attack (this will present a challenge to every request except for Known Bots, like search engines etc.). Or you can lower it to Low or Essentially Off. The Security Level is a setting that will block suspicious requests based on IP reputation.

Security Level, however, like any product based on IP reputation, is limited. It depends on the freshness of information re: any individual IP, and hackers know better than to only use the same IP over and over.

For that reason you should read the other topics on the left side of the page linked above and familiarize yourself with the tools you can use to customize your own security based on your website’s goals, visitors’ profile, etc.