What does Cloudflare's Security Level mean?

The Security Level uses the IP reputation of a visitor to decide whether to present a challenge. A Cloudflare internal algorithm calculates an IP's reputation and assigns a threat score that ranges from 0 to 100. The security levels and the challenge display criteria:  

  • High - for scores greater than 0
  • Medium - for scores greater than 14
  • Low - for scores greater than 24
  • Essentially off - for scores greater than 49

You can adjust the Security Level for your domain in the Firewall app of the Cloudflare dashboard.

firewall-app.png

Cloudflare recommends starting at a medium security level (the default setting) to adequately protect your site.

I'm Under Attack Mode should only be used when a site is under a DDoS attack. Visitors will receive an interstitial page for about five seconds while Cloudflare analyzes the traffic and behavior to make sure it is a legitimate human visitor trying to access your website. I'm Under Attack Mode may affect some actions on your domain, such as using an API. You're able to set a custom security level for your API or any other part of your domain by creating a page rule for that section.

Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk