Cloudflare

DataDome Cloudflare app detects and protects against bot activity

This module is dedicated to be used on Cloudflare, using the App with Workers feature

Before the regular Cloudflare process kicks-in, an event is triggered and processes the DataDome logic in a Workers function.
The module makes a call to the closest DataDome endpoint. Depending on the API response, the module either blocks the request or lets Cloudflare proceed with the regular process.

The module has been developed to protect the visitors' user experience: if any errors were to occur during the process, or if the timeout is reached, the module will automatically disable its blocking process and allow the regular Cloudflare process to proceed.

Prerequisites

A free trial must be started (by using the sign-up form) or an account must be enabled by a DataDome representative. The relevant Cloudflare site will be assigned a unique “API key” and “JS key”.

How to install and configure

  1. Connect to your Cloudflare console and go to the Apps section
  2. Click on "Explore Apps"
  3. Search for "DataDome"
  1. Click on the the app, then the "Preview on your site" button

Identify with OAuth (recommended - see the FAQ for an alternative solution):

  1. Click on "Login or Register" to link your existing DataDome account to your Cloudflare account or to create a new account on DataDome.
  1. The following panel will display, allowing you to login or SignUp.
  1. You can access advanced options by selecting the "Show advanced options" box.
    Advanced options allow you to configure the following:
  • JS Tag options: JSON object containing all the keys & values to configure the JSTag (see JSTag documentation)
  • Change the default timeout: Response Timeout from the DataDome Server (in ms).
    We recommend not to change these settings without referring to a DataDome support team first.
  1. Click on the 'Install on all pages' button found at the bottom of the page

Congrats! Your website is ready to be protected, at the Edge, against bot traffic!

Settings

Setting

Description

Required

Default

Server-side key

Your DataDome server-side key

Yes

""

Timeout

Timeout for response from the DataDome Server (in ms)

No

150

Static assets URI exclusion regex (for server-side)

Ignores all matching URIs. Used for excluding traffic associated with static assets (ex: "/.js/i"). Only executed for GET and HEAD requests. The associated traffic will not be sent to DataDome for analysis.

Optional

static assets regex

URI filtering regex

Will only send traffic associated with matching URIs to DataDome. Default value matches everything.
(ex. "/^/(login|register)$/")

Optional

""

Hostname exclusion regex (for server-side)

Ignores all matching hostnames.
The associated traffic will not be sent to DataDome for analysis.
(ex: "/sub.domain.com/i")

Optional

""

Client-side key

Your DataDome client-side key

Yes

""

JSTag options

JSON object describing JStag option (click here for more documentation)

No

""

URI exclusion regex (for JSTag)

The associated traffic matching the URI pattern, will not be sent to DataDome for analysis.
(ex: "/routeToExclude//i")

Hostname exclusion regex (for JSTag)

The associated traffic matching the hostname pattern, will not be sent to DataDome for analysis.
(ex: "/subdomain./i")

Optional

""

FAQ

How to configure the listener to support AJAX calls?

As documented here, DataDome requires the configuration of a listener in order to protect AJAX calls.

To do so, the Client-side Protection Options should be configured as follow:

  • Configuration of the listener for a single endpoint
{ "ajaxListenerPath" : "domain/api"}
  • Configuration of the listener for multiple endpoints
{ "ajaxListenerPath" : ["domain1/api", "domain2", "domain3"] }

My Cloudflare site is rate limited when I activate DataDome module

📘

Burst rate

Accounts using the Workers free plan are subject to a burst rate limit of 1000 requests per minute.

DataDome module relies on Cloudflare Worker technology. When used on web sites with a lot of traffic, it may trigger an internal Cloudflare limit for Workers.
This can be inspected in Cloudflare firewall events.

If you are impacted by this limitation, please contact the Cloudflare support in order to lift this limit on your account. Once you are logged in your account, select the "Support" drop-down menu.

Then once you are logged in your Cloudflare support site, select "My Activities & Requests" to access the "Submit a Request" button.

The correct section to create a support ticket is found under "Get additional help":

Create a new support ticket with a clear summary (ex: "Rate Limiting on Cloudflare app")

Fill in the description with an explanation text such as the example below:

Hello,

We enabled DataDome Cloudflare app on our domain.

To make sure that Cloudflare rate limiting feature will not affect the behavior of this app (blocking subrequests to its web servers); could you please disable the rate limiting feature for all requests toward the host api-cloudflare.datadome.co?

This is a known issue regarding workers embedded in apps, that has already been handled by Cloudflare support for other DataDome customers.


Regards,

Finally, review your content and submit the ticket.

I do not want to use OAuth to login on DataDome

You can still use the API keys (supported for compatibility with older versions of the module).

  • Fill in the server-side and client-side keys in the appropriate fields
  • You can find the server-side and client-side keys in your dashboard

Updated 25 days ago

Cloudflare


DataDome Cloudflare app detects and protects against bot activity

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.