Learn how Cloudflare Under Attack mode protects your site and how to enable it when your site is under DDOS attack.
Overview
Cloudflare Under Attack Mode performs additional security checks to help mitigate Layer 7 DDoS attacks. Validated users access your website and suspicious traffic is blocked. When enabled, visitors see an interstitial page:

The "Checking your browser before accessing..." challenge determines whether to block or allow a visitor within 5 seconds. After passing the challenge, the visitor does not observe another challenge until the duration configured in Challenge Passage in the Cloudflare Firewall app under the Settings tab.
The parameters __cf_chl_jschl_tk__ and __cf_chl_captcha_tk__ are added to the url after a visitor successfully passes a challenge or Captcha, respectively. These parameters ensure that visitors challenged via JavaScript or Captcha don't need to refill and resubmit form data (HTTP POST) after passing a challenge.
Enable Cloudflare Under Attack mode
Enable I’m Under Attack mode via the following steps:
- Log in to your Cloudflare account.
- Select the domain to protect.
- Click the Firewall app.
- Click the Settings tab.
- Under Security Level, select I'm Under Attack!.