“Better safe than sorry” ?!
Hello Community,
I’ve recently started securing my Discourse forums with Cloudflare. You never know how hackers and bots will get their hands on your server and user data in today’s (“Western vs. East ”) threat situation. Even if I also have data security & protection concerns from a European / German perspective (e.g. GDPR). But no matter, what must be, must be. Cloudflare seems to be doing a good job.
I setup the Cloudflare template to the app.yml.
Configured the domains.
Now I would like to hear from you guys, the real professionals, how you have configured the Cloudflare Security WAF (Web Application Firewall)? What rules did you define? What should not be forgotten under any circumstances?
Inspired by a Wordpress user: