Configure HTTP DDoS Attack Protection in the dashboard
Configure the HTTP DDoS Attack Protection managed ruleset by defining overrides in the Cloudflare dashboard. DDoS overrides allow you to customize the action and sensitivity of one or more rules in the managed ruleset.
If you are an Enterprise customer with the Advanced DDoS Protection subscription, you can define up to 10 overrides. These overrides can have a custom expression so that the override only applies to a subset of incoming requests. If you do not have the Advanced DDoS Protection subscription, you can only deploy one override which will always apply to all incoming requests.
If you cannot deploy any additional overrides, consider editing an existing override to adjust rule configuration.
For more information on the available parameters and allowed values, refer to Ruleset parameters.
Create a DDoS override
Log in to the Cloudflare dashboard, and select your account and website.
Go to Security > DDoS.
Next to HTTP DDoS attack protection, select Deploy a DDoS override.
Enter a descriptive name for the override in Override name.
If you are an Enterprise customer with the Advanced DDoS Protection subscription:
- Under Override scope, review the scope of the override — by default, all incoming requests for the current zone.
- If necessary, select Edit scope and configure the custom filter expression that will determine the override scope.
Depending on what you wish to override, refer to the following sections (you can perform both configurations on the same override):
Configure all the rules in the ruleset
Under Ruleset configuration, select the action and sensitivity values for all the rules in the HTTP DDoS Attack Protection managed ruleset.
Configure one or more rules
1. Under Rule configuration, select Browse rules.
2. Search for the rules you wish to configure using the available filters. You can search by tag (also known as category).
3. To configure a single rule, select the desired value for a field in the displayed dropdowns next to the rule.
To configure more than one rule, select the rules using the row checkboxes and update the fields for the selected rules using the dropdowns displayed before the table. You can also configure all the rules with a given tag. For more information, refer to Configure rules in bulk in a managed ruleset.
4. Select Next.
Select Save.
Delete a DDoS override
- Log in to the Cloudflare dashboard, and select your account and website.
- Go to Security > DDoS.
- Under HTTP DDoS attack protection, select Edit next to the DDoS override you wish to delete.
- Select Delete deployment, and then select Delete deployment to confirm the operation.