Cloudflare Announces Free Web Application Firewall

Cloudflare has announced that it is offering a free Web Application Firewall (WAF) to its free plan subscribers. WAF will provide access to the WAF user interface which comes with a set of rules that can be used to automatically block known threats.

The free managed set of rules has been tested against the Cloudflare network and allows free users to activate their firewall and start enjoying the benefits of the firewall right away.

Since the rules are a managed set of rules, free users will benefit from updates that will protect their sites from new, large-scale security threats.

The free firewall tier is specifically tuned to protect WordPress sites as it protects against common WordPress exploits.

Cloudflare WAF

Cloudflare WAF is an application firewall that monitors incoming web traffic from the Internet to a website and automatically blocks any traffic it identifies as malicious.

A firewall uses a ruleset, which is a set of patterns and signals, that it looks for to identify and filter malicious traffic.

Cloudflare Free Managed Rules Collection

Free Cloudflare WAF comes with a set of managed rules designed to prevent many common vulnerability attacks.

A managed rule set consists of preconfigured rules that allow the user to deploy the firewall and have it ready to scan and block malicious web traffic.

The benefit of a managed set of rules is that the firewall is ready to deploy and with minimal configuration on the user’s part.

Cloud Flair Describes this free managed rule set:

“Designed to provide mitigation for high impact, widespread vulnerabilities. Rules are safe to deploy in most applications. If you deploy a Cloudflare managed rule set for your site, you do not need to deploy that managed rule set.”

The free managed ruleset will be updated whenever a large-scale threat emerges that could affect many websites. This is a huge deal that can go a long way towards mitigating the effects of brand new hacking attacks.

The free version of Ruleset protects against the Shellshock server security bug, prevents Log4J vulnerabilities, and protects WordPress sites from common WordPress vulnerabilities.

Access the Cloudflare Firewall user interface

Cloudflare provides the free tier of users to access the firewall user interface (UI), which is a dashboard where publishers can manage their firewall.

The dashboard allows users to change their firewall as well as monitor the actions the firewall takes via the Security Overview tab.

Free users can do the following in the dashboard:

Bypass all rules to LOG or any other action.

Override only specific rules to LOG or any other action.

Completely disable the set of rules or any specific rule”


Read the official Cloudflare announcement

WAF for Everyone: Protect the Web from Highly Severe Vulnerabilities

Learn about rulesets managed by Cloudflare WAF

Managed rules

Read about the redesigned Cloudflare WAF UI

A new WAF experience

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button