Skip to main content

How to Use Cloudflare Under Attack Mode on Cloudways Autonomous

Learn how Cloudflare Under Attack Mode protects your Cloudways Autonomous application from suspicious traffic and how to enable or disable it when needed.

Written by Syed Abuzar Mehdi
Updated over 3 months ago

Cloudflare Under Attack Mode adds a temporary verification layer that helps your Autonomous application handle suspicious or potentially harmful traffic.

When enabled, Cloudflare evaluates each visitor before serving the site, reducing the chances of automated attacks or disruptive requests.

This article explains how the feature behaves on Cloudways Autonomous and guides you on when and why to use it.

Table of Contents:

What Is Cloudflare Under Attack Mode?

Cloudflare Under Attack Mode protects your application when it detects high-risk or abnormal traffic patterns, by providing an additional security layer.

Visitors may briefly see a verification page while Cloudflare confirms that the request is legitimate.

This helps prevent automated bots, DDoS attempts, or sudden traffic surges from overwhelming your site.

Default Behavior

Under Attack Mode is disabled by default to allow regular, uninterrupted access for your users. You may enable it at any time if you notice unusual activity.

How the Setting Works

You can manage Under Attack Mode at the application level from your Cloudways dashboard.

The toggle lets you activate or deactivate the protection instantly based on your current traffic conditions.

Turning it on adds a verification layer, while turning it off restores normal access.

When Turned ON

When the mode is active, Cloudflare applies extra checks to incoming traffic. Visitors may be presented with a short challenge such as a CAPTCHA. This helps ensure only valid users reach your site during periods of suspicious activity.

When Turned OFF

When disabled, visitors reach your application normally without any added checks.

How to Enable Cloudflare Under Attack Mode?

Step #1 - Open the Autonomous Applications Section:

  1. Log in to the Cloudways Platform.

  2. From the left-hand navigation menu, click Autonomous.

  3. Select My Applications.

Step #2 - Select Your Application:

  1. From the My Applications list, locate the application where you want to enable protection.

  2. Click the application to open its dashboard.

Step #3 - Go to Workflow / Tools:

  1. Inside the application dashboard, click the Workflow / Tools tab from the top menu.

Step #4 - Open Security Settings:

  1. In the left sidebar under Workflow / Tools, click Security.

  2. The Security page will open, displaying Cloudflare security options.

Step #5 - Enable Cloudflare Under Attack Mode:

  1. Locate Cloudflare Under Attack Mode.

  2. Toggle the switch ON.

  3. A Pop up message will appear where you will be asked to verify the human test.

  4. A brief loading message may appear while the setting is being applied.

Step #6 - Confirm Activation:

  1. Once enabled, you will see a confirmation message:

    • Cloudflare Under Attack Mode Enabled

  2. The toggle will remain switched ON, indicating the feature is active.

If Domain is Not Mapped?

You need to map your domain first before enabling Cloudflare Under Attack Mode.

How to Disable Cloudflare Under Attack Mode?

Step #1 - Open the Application Security Settings:

  1. Log in to the Cloudways Platform.

  2. From the left navigation menu, click Autonomous.

  3. Select My Applications.

  4. Click the application name where Cloudflare Under Attack Mode is currently enabled.

  5. Inside the application dashboard, click the Workflow / Tools tab from the top menu.

  6. From the left sidebar, click Security.

(Follow the navigation provided in ‘How to Enable Cloudflare Under Attack Mode?’ from Steps #1 to Step #3)

Step #2 - Turn OFF Cloudflare Under Attack Mode:

  1. On the Security page, locate Cloudflare Under Attack Mode.

  2. Click the toggle switch to turn it OFF.

Step #3 - Confirm the Action:

  1. A confirmation popup will appear asking if you want to disable Cloudflare Under Attack Mode.

  2. Disabling this setting turns off enhanced filtering and may make your website more vulnerable to suspicious or high-volume traffic.

  3. Read the message in the pop up carefully to make sure your actions do not expose your website to potential attacks.

  4. Click Disable to proceed.

Step #5 - Wait for the Change to Apply:

  1. You may briefly see a status message such as “Disabling Cloudflare Under Attack Mode” while the setting is being updated.

Step #6 - Verify the Status:

  • The toggle will now appear OFF.

  • The status message will show Cloudflare Under Attack Mode Disabled, confirming that enhanced filtering is no longer active.

User Controls

Cloudways allows you to toggle this setting freely so you can respond quickly to changing traffic patterns.

The system also records the timestamp of the most recent change so you can see when the feature was last updated.

When to Use Under Attack Mode

Enable this mode whenever you observe behavior that may indicate an attack or automated interference. It is best suited for short periods while you diagnose the issue.

Once normal activity resumes or if users report difficulty accessing the site, you can turn it off.

Refer to the following points to determine when to use under attack mode:

● Sudden spikes in suspicious traffic

● Possible DDoS activity

● Automated bot visits affecting performance or analytics

● Disable it once traffic normalizes or real users report access issues

Final Thoughts

Cloudflare Under Attack Mode is a practical tool for managing unusual or harmful traffic.

With simple controls in the Cloudways Platform, you can activate it quickly, monitor changes, and disable it once conditions stabilize.

It provides targeted protection without requiring technical expertise and helps maintain your application's stability during suspicious traffic events.

That’s it! We hope this article was helpful.

Need Help?

If you need assistance, feel free to:

We're here 24/7 to help you!

Did this answer your question?