Security & Quality
Cloudflare WAF Protection
Configure Cloudflare Web Application Firewall rules to protect against SQL injection, XSS, and DDoS attacks.
Claude Code Cursor
Overview
Cloudflare WAF (Web Application Firewall) provides enterprise-grade protection against web application attacks at the edge. It inspects incoming HTTP requests and blocks malicious traffic before it reaches your origin server. The WAF includes managed rulesets from Cloudflare, OWASP Core Rule Set, and custom rules that you define using the wirefilter expression language.
Cloudflare WAF operates at multiple layers: managed rules handle known attack patterns (SQLi, XSS, RCE, file inclusion), rate limiting rules prevent brute force and DDoS attacks, and custom rules allow you to create business-specific protections. The WAF also includes Bot Management to distinguish between legitimate bots (search engines) and malicious automated traffic.
Configuration can be managed through the Cloudflare dashboard, API, or Infrastructure as Code tools like Terraform and Pulumi. The Wrangler CLI allows developers to manage WAF rules programmatically. Cloudflare's analytics provide visibility into blocked attacks, top attack vectors, and geographic distribution of malicious traffic.
Who Is This For?
- Block SQL injection and XSS attacks at the edge
- Set up DDoS protection rules for public APIs
- Configure country-based access restrictions
- Create custom WAF rules for application-specific threats
Installation
Setup for Claude Code
npm install wrangler -g
Configuration
// Cloudflare WAF custom rule (wirefilter expression)
// Block SQL injection attempts
// (http.request.uri.query contains "UNION SELECT" or
//  http.request.uri.query contains "DROP TABLE" or
//  http.request.body.raw contains "'; --")
// wrangler CLI to manage rules
// wrangler deploy --config wrangler.toml
// Terraform example
// resource "cloudflare_ruleset" "waf_custom" {
//   zone_id = var.zone_id
//   name    = "Custom WAF rules"
//   kind    = "zone"
//   phase   = "http_request_firewall_custom"
// }
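Added example (not part of the original page and not Cloudflare's engine): a local Python model of the two query-string clauses in the rule above, for checking rule coverage before deployment. It compares the literal `contains` match with the same literals checked against `lower(url_decode(...))`, two functions the Cloudflare Rules language provides. The sample queries are constructed, and `unquote_plus` is assumed to approximate `url_decode`.

```python
# Added example: local model of the page's custom rule, not Cloudflare's engine.
from urllib.parse import unquote_plus

# Query-string literals taken from the page's rule (body clause not modelled).
PATTERNS = ["UNION SELECT", "DROP TABLE"]


def literal_rule(query: str) -> bool:
    """The rule as written: case-sensitive `contains` on the raw query string."""
    return any(p in query for p in PATTERNS)


def normalized_rule(query: str) -> bool:
    """Same literals, checked against lower(url_decode(query))."""
    decoded = unquote_plus(query).lower()
    return any(p.lower() in decoded for p in PATTERNS)


# Constructed samples: (raw query string, should this request be blocked?)
SAMPLES = [
    ("id=1 UNION SELECT name FROM users", True),            # raw space, rare on the wire
    ("id=1%20UNION%20SELECT%20name%20FROM%20users", True),  # spaces sent as %20
    ("id=1+union+select+name+from+users", True),            # spaces as +, lower case
    ("q=student+union+select+committee+minutes", False),    # benign search phrase
    ("page=2&sort=name", False),                            # benign paging
]


def evaluate(rule):
    """Return (missed, false_positives) for a rule over SAMPLES."""
    missed = [q for q, bad in SAMPLES if bad and not rule(q)]
    false_positives = [q for q, bad in SAMPLES if not bad and rule(q)]
    return missed, false_positives


if __name__ == "__main__":
    for name, rule in (("literal", literal_rule), ("normalized", normalized_rule)):
        missed, fps = evaluate(rule)
        print(f"{name}: missed={missed} false_positives={fps}")
```

Because spaces in a query string arrive as `%20` or `+`, the literal form rarely matches real traffic, while the normalized form also blocks a benign search phrase; keyword rules like this belong alongside the managed rulesets and should be run in log mode before they block.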