Cloudflare has a few ruleset packages that are available for use in Cloudflare's Web Application Firewall (WAF). These are:
- Cloudflare Rulesets (predefined),
- OWASP Rulesets (predefined),
- Custom WAF Rules (customisable for your business)
Our article, How do I configure the WAF?, gives a good overview of the different types of rulesets that you can configure in more detail. However, for this article, we will describe how to create a Custom WAF rule.
What is a Custom WAF rule?
Custom WAF Rules, available on the Business and Enterprise plans, are rules that the Cloudflare WAF team writes specifically for a customer, based on that customer's unique requirements and/or their website's traffic patterns. This means that you can ask us to block virtually any combination of characteristics of a request.
This is to cater for situations where the attacker may be using a specific pattern or user agent and the Cloudflare WAF doesn’t have a rule in place already, that may be targeted specifically for your website's structure and not other customers. In these situations, you can create a custom rule for your web property.
Example use case:
For example, we can make a rule that blocks a request if the URL contains the word "hello", and the User-Agent contains the word "world", and only if that request's Referer doesn't contain "example.com". The possibilities are endless. For Custom rules, we will either create a rule as per your requirements, or in some cases we will review traffic patterns using logs either on our end or from your servers, and come up with the appropriate rules that would protect you from any undesired traffic.
How to create a Custom WAF rule? How to submit a Custom WAF rule request?
There are two ways to create a custom WAF rule:
1. Submit your Custom WAF Rule request via a Support ticket - Please contact us by submitting a support ticket with the relevant information.
2. Submit your Custom WAF Rule request through your Cloudflare dashboard - You can also request a custom WAF rule through the Cloudflare dashboard in the Web Application Firewall section by click on WAF Rule Request.
Please note that Custom WAF rules can take up to 3 business days to be implemented fully. This is due to our staff having to build, test, and deploy the rule(s).
Here's the steps to submit a Custom WAF rule request in your Cloudflare dashboard.
1. Go to your Firewall tab
2. Click on your Web Application Firewall sub-tab
3. Select the WAF Rule Request option
4. Fill in your details in the WAF Rule Request text box