Can one cache and secure a REST API with Cloudflare?

Cloudflare has published a list of best practices for using it with APIs.

TL;DR, they recommend setting a page rule that patches all API requests and putting the following settings on it:

  1. Cache Level: Bypass
  2. Always Online: OFF
  3. Web Application Firewall: OFF
  4. Security Level: Anything but “I’m under attack”
  5. Browser Integrity Check: OFF

Leave a Comment

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)