WAF Managed Rulesets

Hi guys! I have a question regarding the WAF Managed Ruleset. When you have a paid plan such as business or enterprise, is the
1.) Cloudflare Managed Ruleset and
2.) OWASP Mod Security Package

on by itself or do you have to “enable” both of them (separately) or are they automatically running in those plans? I understand that you have to configure the custom WAF rules yourself but not sure about the other two.

Thanks in advance for your help!

I’m not sure which ones are on by default. I know I’ve gone through mine turning them on and off as needed. Is something not working for you?

no I didn’t try yet but would like how proactive you have to be to make use of these features. So it would mean you at least need to turn them on if you have the certain plan in which they are included?

This topic was automatically closed after 30 days. New replies are no longer allowed.