Configure individual Cloudflare rules for website pages
You can set up individual Cloudflare rules for website pages. The rules will be executed even if they do not match the global settings for a domain zone.
Cloudflare free allows creating only 3 sets of rules. You can create only one set for one page.
To create a rule for the page:
- Log in to ISPmanager as the User.
- Check that the domain is connected to Cloudflare. For more information please refer to the article Connect a domain to Cloudflare.
- Go to Tools → Cloudflare → Page rules → Add.
- Enter the Page address that the rule will be created for.
- To redirect to another page:
- Enable the option Redirect.
- Enter the Destination.
- Enter the Return code.
Enable the HTTPS option to redirect to the secure protocol.
You can provide the page settings only if the options Redirect and HTTPS are disabled.
- After you have enabled the option Always online, when your server goes down, Cloudflare will serve pages from its cache, so visitors still see some of the pages they are trying to visit.
- Enable the option Automatic HTTPS rewrites to rewrite links to unencrypted resources from HTTP to HTTPS.
- In the Browser TTL field you can specify how long in seconds resources cached by client browsers remain valid.
- Browser integrity check — this option allows Cloudflare to look for common HTTP headers abused most commonly by spammers and denies access to your page. It will also challenge visitors that do not have a user agent or a non-standard user agent. Access will be blocked if the threat is detected.
- Set the page Caching level:
- Disabled — disable caching;
- No query string — only delivers resources from the cache when there is no query string;
- Ignore query string — delivers the same resource to everyone independent of the query string;
- With query parameters — delivers a different resource each time the query string changes;
- Cache all — cache all data.
- In the Disable functions field select the functions that will be disabled for the field:
- Protection — disable Email Obfuscation", SSE (Server Side Excludes), WAF, Rate Limiting, and Web scraping (Scrape Shield);
- Performance improvement — disable Minification, Rocket Loader, Mirage, Polish;
- Applications — disable all Cloudflare applications.
- Select the checkbox Email obfuscation to hide email addresses on your web page from bots while keeping them visible to humans.
- Select a Security level:
- Under attack — this level is used when your website is under DDoS attack;
- High — challenge all of the users detected as offending in the past 14 days;
- Medium — challenge users who pose some threat;
- Low — challenge users who pose the greatest threat;
- Essentially off — challenge only the most abusive users.
Enable the option SSE if you want to hide sensitive content on your website from suspicious visitors. You will need to wrap the content with the following tags
- Set an SSL certificate for the domain to establish an encrypted link between a web server and a browser:
- Off — no secure connection between your visitor and Cloudflare, and no secure connection between Cloudflare and your web server either. This means that visitors can only view your website over HTTP;
- Self-signed — secure connection between visitors and Cloudflare, and secure connection (but not authenticated) between Cloudflare and your web server;
- Flexible — choose this option, if your origin web-server cannot accept secure (HTTPS) connections. Visitors will be able to access HTTPS, but requests to the web-server will be sent through HTTP;
- Existing — secure connection between visitors and Cloudflare, and secure and authenticated connection between Cloudflare and your web server.
- Click on Ok to save the changes in Cloudflare.