Cloudflare for the on-call

The security section of the Cloudflare web UI is a convenient way to filter on specific metadata to find problematic traffic. This interface is also very useful for seeing which rules are being applied to traffic.

During an incident, making changes to the firewall rules and page rules is expected. Afterwards, follow the proper process so that the changes are reflected in the right locations and comply with the Cloudflare rules management processes.

Note: For audit purposes, any manual changes in the UI must be documented in the associated incident or issue. Please note the ResourceID and add the ~Cloudflare UI Change label.

A firewall rule should be used for the following types of actions:

  • Blocking an IP address
  • Adding captcha challenges to a path
  • Preventing WAF rules from blocking legitimate traffic

Firewall rules can match against many types of request attributes.

The rule must adhere to the description format for Cloudflare rules described in the Naming Conventions.

A page rule should be used for the following types of actions:

  • Redirecting requests of a certain URL to another location
  • Modifying the cache policy for a certain URL

Keep in mind that page rules can only match on request paths.

In 1Password, the Production vault has an entry named Cloudflare Contacts and Escalation. It contains escalation and support instructions.