You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Bot protection on Cloudflare works through two complementary mechanisms: built-in settings configured through toggles in **Security Settings**, and [WAF custom rules](/waf/custom-rules/) that you write using [bot management fields](/bots/reference/bot-management-variables/). Understanding when to use each approach helps you avoid creating duplicate rules and simplifies your security configuration.
14
14
@@ -36,7 +36,7 @@ Custom rules are valuable when you need capabilities that built-in settings do n
36
36
37
37
Since Bot settings apply to all traffic across your domain, you may need an alternative approach to bot handling for different paths using custom rules — for example, stricter protection on `/login/` than on `/public/`.
38
38
39
-
#### Example
39
+
#### Example
40
40
41
41
Block likely automated traffic only on your login endpoint:
42
42
@@ -62,7 +62,7 @@ Challenge likely automated traffic only from specific ASNs:
62
62
63
63
### Custom actions
64
64
65
-
Bot settings offer **Block**, **Managed Challenge**, and **Allow** as actions.
65
+
Bot settings offer **Block**, **Managed Challenge**, and **Allow** as actions.
66
66
67
67
If you need other actions, such as **Log** (for testing rules before enforcement), **Interactive Challenge**, or **Skip** (to bypass other rules), you need custom rules.
68
68
@@ -76,6 +76,6 @@ To send bot scores, verified bot status, or JA3/JA4 fingerprints to your origin
76
76
77
77
## Execution order
78
78
79
-
Custom rules execute before Super Bot Fight Mode managed rules. If a custom rule takes a terminating action(such as **Block** or **Managed Challenge**), the request does not reach bot settings.
79
+
Custom rules execute before Super Bot Fight Mode managed rules. If a custom rule takes a <GlossaryTooltipterm="terminating action">terminating action</GlossaryTooltip> (such as _Block_ or _Managed Challenge_), the request does not reach bot settings.
80
80
81
-
Refer to [Security features interoperability](/waf/feature-interoperability/) for more information.
81
+
Refer to [Security features interoperability](/waf/feature-interoperability/) for more information.
Cloudflare applies multiple security features to every incoming request. Each feature runs at a specific stage, and the order determines which feature acts first. Understanding this order helps you avoid conflicts and reduce false positives.
12
19
13
20
## Execution order
14
21
15
-
Cloudflare security features powered by the [Ruleset Engine](/ruleset-engine/) run in a fixed sequence of phases. When a request arrives, it passes through each phase in order. If a rule takes a [terminating action](/ruleset-engine/rules-language/actions/) (for example, _Block_ or _Managed Challenge_), the request stops and does not reach later phases.
22
+
Cloudflare security features powered by the [Ruleset Engine](/ruleset-engine/) run in a fixed sequence of phases. When a request arrives, it passes through each phase in order. If a rule takes a <GlossaryTooltipterm="terminating action"link="/ruleset-engine/rules-language/actions/">terminating action</GlossaryTooltip> (for example, _Block_ or _Managed Challenge_), the request stops and does not reach later phases.
16
23
17
24
The security-related request phases, in execution order, are:
0 commit comments