Managed WAF rules on subdomain level

Hi there,
under the pro plan, is there an option to enable specific WAF rules on individual subdomains? I.e. I have a website with wordpress running on and several other subdomains hosting different webservices. I would want to turn on the wordpress rulesets only for the subdomain running wordpress and not for the other subdomains. What’s the best approach in such a situation to keep everything slim and performant?



If on the Pro Plan you get APO bundled in so my first suggestion would be to install the CloudFlare Plugin on the WordPress site and enable APO on that subdomain.

That should then give you WordPress specific benefits whilst not impacting your non-WordPress sites.

The WAF is zone specific, although I don’t know if you can use Page Rules to disable specific Rules on Specific subdomains.

Okay, thanks for confirming that. I found I could probably write a rule to bypass the entire WAF for a specific subdomain but then that subdomain with its services would be completely without WAF which is not what I’m looking for. Too bad. But good to understand the functionality. I’ll take this into my conciderations…

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.