WAF rules can include a check for exposed credentials. When enabled in a given rule, exposed credentials checking happens when there is a match for the rule expression (that is, the rule expression evaluates to true).
At this point, the WAF looks up the username/password pair in the request against a database of publicly available stolen credentials. When both the rule expression and the exposed credentials check are true, there is a rule match, and Cloudflare performs the action configured in the rule.
For example, the following rule matches POST requests to the /login.php URI when Cloudflare identifies the submitted credentials as previously exposed:
Rule #1
Rule expression:
http.request.method == "POST" and http.request.uri == "/login.php"
Exposed credentials check with the following configuration:
http.request.body.form["user_id"]http.request.body.form["password"]Action: Interactive Challenge
When there is a match for the rule above and Cloudflare detects exposed credentials, the WAF presents the user with a challenge.
Looking for the latest TMZ celebrity news? You've come to the right place. From shocking Hollywood scandals to exclusive videos, TMZ delivers it all in real time.
Whether it’s a red carpet slip-up, a viral paparazzi moment, or a legal drama involving your favorite stars, TMZ news is always first to break the story. Stay in the loop with daily updates, insider tips, and jaw-dropping photos.
TMZ Live brings you daily celebrity news and interviews straight from the TMZ newsroom. Don’t miss a beat—watch now and see what’s trending in Hollywood.