CloudFlare leverages the knowledge of a diverse community of websites to power a new type of security service. Online threats range from nuisances like comment spam and excessive bot crawling to malicious attacks like SQL injection and denial of service (DOS) attacks. CloudFlare provides security protection against all of these types of threats and more to keep your website safe.
Automatic learning of new attacks
CloudFlare’s technology automatically detects new attacks that arise against any website on its network. Once CloudFlare identifies that there is a new attack, CloudFlare starts to block the attack for both the particular website and the entire community. This also means the longer you are on CloudFlare, the better the protection becomes. See a customer case study at the CloudFlare blog.
Ridiculously easy security
Forget the confusing control panels of most security products. With CloudFlare, simply choose the security setting for your website. You can choose between I'm under attack!, High, Medium, Low and Essentially off. Provide the full armor defense, or stop only the worst threats. Behind the scenes, our systems learn about your site and automatically tune protection to your particular needs.
Threat reports and details
CloudFlare shows you the list of threats that have been stopped from reaching your website. You can sort and see threats by type, country origin, and severity. CloudFlare protects against a range of threats: cross site scripting, SQL injection, comment spam, excessive bot crawling, email harvesters, and more.
One-click SSL (Pro, Business and Enterprise)
SSL adds an additional layer of security for your visitors coming to your website. Add SSL with a single click without requiring you to change your existing configuration. CloudFlare makes it extremely easy to extinguish
Web application firewall (WAF)
With no hardware to install, you can stop real-time attacks like SQL injection, cross-site scripting and comment spam with CloudFlare’s cloud-based web application firewall, which stops the malicious attack before it can cause damage to your website.
Add SSL with a single click without requiring you to change your existing configuration.
Business and Enterprise features
Advanced DDoS protection – layer 3 and 4
Your network and servers are automatically protected from a range of TCP floods including SYN, UDP and ICMP attacks. Never install another piece of hardware or software, and never worry again about bandwidth and overage fees.
Advanced DDoS protection – layer 7
Sudden surges in traffic are often difficult to manage. CloudFlare layer 7 DDoS protection offers your website automatic protection by constantly monitoring and reacting to changes in your site’s traffic patterns.
Custom mod_security rules
Allow CloudFlare to manage your mod_security rules from our edge without the overhead of actually running mod_security, including OWASP compliance rules
Enable SSL with either a SSL certificate issued by CloudFlare or by uploading your own dedicated certificate to the CloudFlare network. We allow for upload of any SSL certificate type including Extended Validation (EV) SSL.