WAF is set globally or not?


I am trying to check if WAF is enabled, not really sure how to verify this and also if is set globally or per domain (and subdomains)?

I undertand, perhaps, I need to configure at least one Managed Rule or Firewall Rule in order to enable it?

Are you referring to managed rules?

These can be configured and enabled at https://dash.cloudflare.com/?to=/:account/:zone/security/waf/managed-rules.

so, in order to have WAF enabled is needed to have at least one rule configured there?

If you mean managed rules, you need to enable them there.

What exactly are you referring to?

Yes, I mean I want to me make sure WAF is enabled, and also If can be set per domain(subdomain) based (if is needed to configure a rule to activate it) or is set globally?

Yes, you enable the managed rules on that page. That’s also where you fine tune the individual rules.

For a per-host setting, you can use page rules.

ok, thanks, so until I configure some rules WAF won’t be enabled. Thanks for the clarification

You just need to check if it is enabled or not. If it is, the individual rules will apply according to their settings.

but how to enable it without configure any rule?

As mentioned at WAF is set globally or not? - #2 by sandro

got it, thanks!

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.