🚧

Cloudflare Apps will be sunset soon

Cloudflare Apps are deprecated.

We recommend you to follow the Cloudflare Worker guide instead for new installations.

This module is dedicated to be used on Cloudflare, using the App with Workers feature.

Installation

Prerequisites

• datadome_server_side_key available in your DataDome dashboard.

Protect your traffic

1. Connect to your Cloudflare console .
2. Select the website you can to protect.
3. Click on Apps at the lower left side of the console.

4. Click on Search Apps.

5. Search for DataDome.
6. Click on the the app, then on Preview on your site .

📘

Identify your DataDome account with OAuth

We recommend to use OAuth to identify your DataDome account.
Refer to this section for an alternative solution.

7. Click on Login or Register to link your existing DataDome account to your Cloudflare account or to create a new account on DataDome.

8. Enter your DataDome credentials to log in or sign up.

9. Click on Install on all pages button found at the bottom of the page.

Congrats! You can now see your traffic in your DataDome dashboard.

Configuration

Access advanced for both server-side options and client-side options in the App Editor by checking the Optional settings boxes.

Refer to the next Settings section for the full list of possible configuration settings.

Settings

/\.(avi|flv|mka|mkv|mov|mp4|mpeg|mpg|mp3|flac|ogg|ogm|opus|wav|webm|wep|bmp|gif|ico|jpeg|jpg|png|svg|svgz|swf|eot|otf|ttf|woff|woff2|css|less|js)$/i

Update

1. Connect to your Cloudflare console and go to the Apps section.
2. Click on Your installed Apps.
3. If there is a new version of DataDome available, click on Update.

4. Verify your settings.
5. Click on Save changes on all pages.

Congrats! Your app is updated!

FAQ

How can I configure the JS Tag to support AJAX calls?

DataDome requires the configuration of a listener to protect AJAX calls.

To do so, configure the value of Client-side Protection Options as follow:

• Configuration of the listener for a single endpoint:

{ "ajaxListenerPath" : "domain/api"}

• Configuration of the listener for multiple endpoints:

{ "ajaxListenerPath" : ["domain1/api", "domain2", "domain3"] }

How can I disable the rate limiting feature of my Cloudflare site DataDome module is activated?

📘

Burst rate

Accounts using the Workers free plan are subject to a burst rate limit of 1000 requests per minute.

DataDome module relies on Cloudflare Worker technology.
When used on websites with a lot of traffic, it may trigger an internal Cloudflare limit for Workers.

This can be inspected in Cloudflare firewall events.

If you are impacted by this limitation, please contact the Cloudflare support in order to lift this limit on your account:

1. Log in your account.
2. Click on the Support drop-down menu.

3. Log in your Cloudflare support site.
4. Select My Activities & Requests to access the Submit a Request button.

5. Click on Get additional help.

6. Create a new support ticket with a clear summary (ex: Rate Limiting on Cloudflare app).

7. Fill in the description with an explanation text such as the example below:

Hello,

We enabled DataDome Cloudflare app on our domain.

To make sure that Cloudflare rate limiting feature will not affect the behavior of this app
(blocking subrequests to its web servers).
Could you please disable the rate limiting feature for all requests toward the host 
api-cloudflare.datadome.co?
  
This is a known issue regarding workers embedded in apps, that has already been handled by Cloudflare
support for other DataDome customers.

Regards,

8. Review your content and submit the ticket.

How can I avoid OAuth to login on DataDome?

Enter the server-side and client-side keys found in your Dashboard in the appropriate fields.