Available skip options
The following sections cover the available skip options in custom rules.
- Dashboard option: All remaining custom rules
- API action parameter:
ruleset
Skips the remaining rules in the current ruleset.
- Dashboard options: All rate limiting rules, All Super Bot Fight Mode rules, and All managed rules
- API action parameter:
phases
Skips the execution of one or more phases. Based on the phases you can skip, this option effectively allows you to skip rate limiting rules, Super Bot Fight Mode rules, and/or WAF Managed Rules.
The phases you can skip are the following:
http_ratelimithttp_request_sbfmhttp_request_firewall_managed
Refer to Phases for more information.
- API action parameter:
products
Skips specific security products that are not based on the Ruleset Engine. The products you can skip are the following:
| Product name in the dashboard | API value |
|---|---|
| Zone Lockdown | zoneLockdown |
| User Agent Blocking | uaBlock |
| Browser Integrity Check | bic |
| Hotlink Protection | hot |
| Security Level | securityLevel |
| Rate limiting rules (Previous version) | rateLimit |
| Managed rules (Previous version) | waf |
The API values in the table are case-sensitive.
Currently, you cannot skip Bot Fight Mode, only Super Bot Fight Mode (refer to Skip phases).
- Dashboard option: N/A (currently only available via API)
- API action parameter:
phase
Skips all the remaining rules in the current phase. If used in a custom ruleset (at the zone level), it will skip all remaining rules in the custom ruleset, as well as all later rules in the entry point ruleset where the rule executing the custom ruleset was defined.
Currently, this option is only available at the zone level for the http_request_firewall_custom phase. You can use it in custom rulesets or entry point rulesets.
- Dashboard option: Log matching requests
- API action parameter:
logging>enabled(boolean, optional)
When disabled, Cloudflare will not log any requests matching the current skip rule, and these requests will not appear in Security Events.
If you do not specify this option in the API, the default value is true for custom rules with the skip action (logs requests matching the skip rule).
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Directory
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- © 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark
-
