Security - Ability to configure IP blacklisting and ratelimiting rules

Since Render is using Cloudflare DDoS protection and WAF, are we able to configure IP blacklists for malicious traffic and special ratelimiting rules for our web services deployed on Render? If this is not possible with Render today, do you have any recommendations for best services/tools that work well with Render to enable these protections?

Thanks!

Hey Mary,
That’s a great question!

Whilst it’s true we do front all services on Render with Cloudflare, we don’t have a way for customers to add rules etc to our account today.

However, you can certainly have your own CloudFlare in front of our Cloudflare and then you can use all of the WAF, rules etc in your own CloudFlare account.

Regards,

John B