The Security Level uses the IP reputation of a visitor to decide whether to present a challenge. A Cloudflare internal algorithm calculates an IP's reputation and assigns a threat score that ranges from 0 to 100. The security levels and the challenge display criteria:
- High - for scores greater than 0
- Medium - for scores greater than 14
- Low - for scores greater than 24
- Essentially Off - for scores greater than 49
You can adjust the Security Level for your domain in the Settings tab of the Firewall app within the Cloudflare dashboard.
Cloudflare recommends starting at a medium security level (the default setting) to adequately protect your site.
I'm Under Attack Mode should only be used when a site is under a DDoS attack. Visitors will receive an interstitial page for about five seconds while Cloudflare analyzes the traffic and behavior to make sure it is a legitimate human visitor trying to access your website. I'm Under Attack Mode may affect some actions on your domain, such as using an API. You're able to set a custom security level for your API or any other part of your domain by creating a page rule for that section.