Cloudflare App
Cloudflare Apps will be sunset soon
Cloudflare Apps are deprecated.
We recommend you to follow the Cloudflare Worker guide instead for new installations.
This module is dedicated to be used on Cloudflare, using the App with Workers feature.
Installation
Prerequisites
datadome_server_side_key
available in your DataDome dashboard.
Protect your traffic
- Connect to your Cloudflare console .
- Select the website you can to protect.
- Click on Apps at the lower left side of the console.
- Click on Search Apps.
- Search for
DataDome
. - Click on the the app, then on Preview on your site .
Identify your DataDome account with OAuth
We recommend to use OAuth to identify your DataDome account.
Refer to this section for an alternative solution.
- Click on Login or Register to link your existing DataDome account to your Cloudflare account or to create a new account on DataDome.
- Enter your DataDome credentials to log in or sign up.
- Click on Install on all pages button found at the bottom of the page.
Congrats! You can now see your traffic in your DataDome dashboard.
Configuration
Access advanced for both server-side options and client-side options in the App Editor by checking the Optional settings boxes.
Refer to the next Settings section for the full list of possible configuration settings.
Settings
Server-side setting | Description | Required | Default |
---|---|---|---|
Server-side key | Your DataDome server side key, found in your Dashboard. | Yes | "" |
Timeout | The request timeout to DataDome API, in milliseconds | No | 300 |
Static assets URI exclusion regex for Server-side detection | Regular expression to exclude URIs from the DataDome analysis. Only executed for GET and HEAD requests. | Optional | List of excluded static assets below |
URL inclusion regex for Server-side detection | Regular expression to include URIs in the DataDome analysed traffic (ex. "/https:\/\/sub\.domain\.com\/my\/path/i" ) | Optional | "" |
URL exclusion regex for Server-side detection | Regular expression to exclude hostnames from the DataDome analysis (ex: "/https:\/\/sub\.domain\.com\/my\/path/i" ) | Optional | "" |
IPs exclusion for server-side detection | List of IPs. The traffic sent from these IPs will not be sent to DataDome. ex: ["192.168.0.1", "192.168.0.2"] | Optional | "" |
GraphQL support | If checked, extract GraphQL operation name and type on request to a /graphql endpoint to improve the protection. | Optional | false |
Enable DataDome logs | If checked, some debug information about our API response is added inside a new header X-DataDome-log . | Optional - for debug purposes only |
/\.(avi|flv|mka|mkv|mov|mp4|mpeg|mpg|mp3|flac|ogg|ogm|opus|wav|webm|wep|bmp|gif|ico|jpeg|jpg|png|svg|svgz|swf|eot|otf|ttf|woff|woff2|css|less|js)$/i
Client-side setting | Description | Required | Default |
---|---|---|---|
Client-side key | Your DataDome client-side key, found in your Dashboard | Yes | "" |
Client-side advanced options | JSON object describing JS Tag options. | No | "" |
URL exclusion regex for Client-side detection | Regular expression to not add the JS Tag to the pages matching the URL pattern. (ex: "/https:\/\/sub\.domain\.com\/my\/path/i") | Optional | "" |
URL inclusion regex for Client-side detection | Regular expression to add the JS Tag to the pages matching the URL pattern.(ex: "/https:\/\/sub\.domain\.com\/my\/path/i" ) | Optional | "" |
Client-side tag URL | URL of the JS Tag. Change default value to include the tag as a first party. | Optional | "" |
Client-side endpoint URL | URL of the JS Tag endpoint. Change default value to include the tag as a first party. | Optional | "" |
Update
- Connect to your Cloudflare console and go to the Apps section.
- Click on Your installed Apps.
- If there is a new version of DataDome available, click on Update.
- Verify your settings.
- Click on Save changes on all pages.
Congrats! Your app is updated!
FAQ
How can I configure the JS Tag to support AJAX calls?
DataDome requires the configuration of a listener to protect AJAX calls.
To do so, configure the value of Client-side Protection Options as follow:
- Configuration of the listener for a single endpoint:
{ "ajaxListenerPath" : "domain/api"}
- Configuration of the listener for multiple endpoints:
{ "ajaxListenerPath" : ["domain1/api", "domain2", "domain3"] }
How can I disable the rate limiting feature of my Cloudflare site DataDome module is activated?
Burst rate
Accounts using the Workers free plan are subject to a burst rate limit of 1000 requests per minute.
DataDome module relies on Cloudflare Worker technology.
When used on websites with a lot of traffic, it may trigger an internal Cloudflare limit for Workers.
This can be inspected in Cloudflare firewall events.
If you are impacted by this limitation, please contact the Cloudflare support in order to lift this limit on your account:
- Log in your account.
- Click on the Support drop-down menu.
- Log in your Cloudflare support site.
- Select My Activities & Requests to access the Submit a Request button.
- Click on Get additional help.
- Create a new support ticket with a clear summary (ex:
Rate Limiting on Cloudflare app
).
- Fill in the description with an explanation text such as the example below:
Hello,
We enabled DataDome Cloudflare app on our domain.
To make sure that Cloudflare rate limiting feature will not affect the behavior of this app
(blocking subrequests to its web servers).
Could you please disable the rate limiting feature for all requests toward the host
api-cloudflare.datadome.co?
This is a known issue regarding workers embedded in apps, that has already been handled by Cloudflare
support for other DataDome customers.
Regards,
- Review your content and submit the ticket.
How can I avoid OAuth to login on DataDome?
Enter the server-side and client-side keys found in your Dashboard in the appropriate fields.
Updated 10 months ago