![[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!](https://beyondjapan.com/cms/wp-content/uploads/2022/12/recruit_blog_banner-768x344.jpg)
[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!
![[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services](https://beyondjapan.com/cms/wp-content/uploads/2021/03/AWS_構築・運用保守-768x344.png)
[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services
![[Successor to CentOS] AlmaLinux OS server construction/migration service](https://beyondjapan.com/cms/wp-content/uploads/2023/08/almalinux_blogbanner-768x344.png)
[Successor to CentOS] AlmaLinux OS server construction/migration service
![[For WordPress only] Cloud server “Web Speed”](https://beyondjapan.com/cms/wp-content/uploads/2022/11/webspeed_blog_banner-768x344.png)
[For WordPress only] Cloud server “Web Speed”
![[Cheap] Website security automatic diagnosis “Quick Scanner”](https://beyondjapan.com/cms/wp-content/uploads/2023/04/quick_eyecatch_blogbanner-768x345.jpg)
[Cheap] Website security automatic diagnosis “Quick Scanner”
![[Reservation system development] EDISONE customization development service](https://beyondjapan.com/cms/wp-content/uploads/2023/06/edisone_blog_banner-768x345.jpg)
[Reservation system development] EDISONE customization development service
![[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”](https://beyondjapan.com/cms/wp-content/uploads/2021/03/Appmill_ブログバナー-768x344.png)
[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”
![[Compatible with over 200 countries] Global eSIM “Beyond SIM”](https://beyondjapan.com/cms/wp-content/uploads/2024/05/beyond_esim_blog_slider1-768x345.jpg)
[Compatible with over 200 countries] Global eSIM “Beyond SIM”
![[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”](https://beyondjapan.com/cms/wp-content/uploads/2024/05/china-sim_blogbanner-768x345.jpg)
[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”
![[Global exclusive service] Beyond's MSP in North America and China](https://beyondjapan.com/cms/wp-content/uploads/2024/06/gloval_surport_blog_slider-768x345.jpg)
[Global exclusive service] Beyond's MSP in North America and China
![[YouTube] Beyond official channel “Biyomaru Channel”](https://beyondjapan.com/cms/wp-content/uploads/2021/07/バナー1-768x339.jpg)
[YouTube] Beyond official channel “Biyomaru Channel”
[WAF] About Cloudflare WAF functions [Security]
table of contents
This is Ohara from the technical sales department.
This article summarizes
Cloudflare (Information as of June 2022)
Cloudflare WAF overview
Cloudflare WAF (Web Application Firewall) is an advanced software that keeps applications secure and productive, stops DDoS attacks, evades bots, detects anomalies and malicious payloads, and monitors browser supply chain attacks. Application security platform.
Cloudflare's powerful application security capabilities are integrated with other leading application performance portfolios and, like the foundation of Cloudflare CDN, are delivered from global cloud platforms around the world.
Key features of Cloudflare WAF
Cloudflare WAF is powered by a global edge network spanning 250+ cities in 100+ countries with instant, unlimited scaling.
| Security features | Main features |
| Layered protection from multiple WAF rulesets Prevent malicious payloads in request components with multiple rulesets. | ・Rules managed by Cloudflare ・Third party rulesets (OWASP TOP 10) ・Custom rulesets to stop attacks |
| WAF ML (machine learning based detection) | WAF custom rules leverage ML-generated attack scores to stop bypasses, attack variations, and anomalies. |
| Updated rules for zero-day protection | Rules are continually updated by the Cloudflare security team to protect against new attacks and zero-day vulnerabilities before patches and updates become available. |
| Platform-specific rule sets for major CMS and e-commerce platforms | Protect platforms such as WordPress, Joomla, Drupal, Magneto, and IIS at no additional charge. |
| Custom rule configuration | When deploying a rule or ruleset, choose from BLOCK / LOG / CHALLENGE / CAPTCHA / RATE LIMIT and other options. |
| Advanced rate limiting | Rate limit individual IP addresses or block abuse, DDoS, and brute force attacks that target your applications and APIs by header, ASN, or country. |
| IP reputation database | Block connections from malicious IP addresses using real-time intelligence of over 1 billion unique IP addresses. |
| Data loss prevention | Block responses that contain personally identifiable information or sensitive data such as financial information, credit card numbers, API keys, and other secrets. Exposed Credential Checking Detects brute force attacks with stolen credentials before end user accounts are compromised. |
| SSL/TLS | Completely mitigate and configure SSL traffic for your applications. |
| Fewer false positives | Rules tested with high volumes of traffic to minimize false positives. |
| gRPC and WebSocket support | Proxy and secure gRPC and WebSocket endpoint traffic. |
| Customizable block page | Customize block pages to suit your site visitors. |
summary
Cloudflare WAF is a service that combines with Cloudflare CDN itself, enabling default WAF functionality with a simple click from the console. Also, the above Cloudflare WAF features are just examples; Cloudflare's Enterprise plan offers even more flexible and customizable features.
Beyond also provides Cloudflare CDN and WAF construction, operation and maintenance services Please feel free to contact us when implementing Cloudflare.
11
Loading...11 
![[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution](https://beyondjapan.com/cms/wp-content/uploads/2024/05/59b34db220409b6211b90ac6a7729303-1024x444.png)
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution
The person who wrote this article
About the author
