WAF - Use Cloudforce One threat intelligence in WAF rules
20d ago
Source
CloudflareWAF - Use Cloudforce One threat intelligence in WAF rulescloudflare.comYou can now match incoming requests against Cloudforce One threat intelligence in your WAF rules. A new detection looks up the client IP address of each request against the threat intelligence database. If the IP was involved in threat activity in the past seven days, Cloudflare populates cf.intel.ip.* fields that you can use in custom rules and rate limiting rules . The detection populates the following fields. Use the any() function with the [*] wildcard to match array values: cf.intel.ip.datasets — the dataset that flagged the IP address ( ddos or waf ). cf.intel.ip.target_industries — industries the IP address has targeted. cf.intel.ip.attacker_names — known threat actors associated with the IP address. cf.intel.ip.attacker_countries — source countries of the threat activity. cf.intel.ip.target_countries — countries the IP address has targeted. For example, the following custom rule expression blocks requests from IP addresses associated with DDoS activity that have targeted France: any(cf.intel.ip.target_countries[*] == "FR") and any(cf.intel.ip.datasets[*] == "ddos") These fields work with the Cloudflare API and Terraform. Matches are logged in Security Analytics . The threat intelligence detection is available to customers with an active Cloudforce One subscription. For more information, refer to Threat intelligence .
You might also wanna read
Cloudflare expands AI bot management tools with granular traffic controls for all customers
Cloudflare is celebrating the second "Content Independence Day" by expanding AI traffic management options for all website owners. Building
Workers - Simpler runtime types with @cloudflare/workers-types v5
Cloudflare·2d ago
Cloudflare One - Hostname routing for Cloudflare Mesh
Cloudflare·3d ago
Cache - Cache multiple versions of a URL with Vary
Cloudflare·3d ago
AI Search - Manage AI Search sync jobs with Wrangler CLI
Cloudflare·3d ago
Workers - Work across multiple accounts with Wrangler auth profiles
Cloudflare·3d ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.