SYSTEM Cited by 1 source

Cloudflare WAF

Cloudflare WAF (Web Application Firewall) is Cloudflare's edge layer-7 request-filtering product — customer-configured and Cloudflare-managed rulesets that run on every request before the request reaches the origin or any paid product layer. Well-known outside this wiki; stub page here because it's a required reference point for downstream features.

Pipeline position (as surfaced by pay-per-crawl)

On a zone with pay-per-crawl enabled, the Cloudflare edge runs:

1. WAF rules.
2. Bot management / bot blocking.
3. Pay-per-crawl rules engine.

Downstream features (like pay-per-crawl) explicitly run after WAF and bot-management so they never override an existing security decision — publishers keep their WAF posture unchanged and layer monetization / other policy on top, not through.

Seen in

• sources/2025-07-01-cloudflare-pay-per-crawl — explicit mention that pay-per-crawl's Allow / Charge / Block rules engine runs "only after existing WAF policies and bot management or bot blocking features have been applied".

Related

• systems/pay-per-crawl
• companies/cloudflare