Cloudflare Docs

Cloudflare Fundamentals

Cloudflare Docs

Cloudflare Fundamentals

Overview
New? Start here.
Get started guide
Concepts
What is Cloudflare?
How Cloudflare works
Cloudflare IP addresses
Cloudflare challenges
Network Layers
Reference architectures
Setup
Add a site
Minimize downtime
Allow Cloudflare IP addresses
Basic tasks
Find zone and account IDs
Manage domains
Move a domain between Cloudflare accounts
Remove a domain
Redirect one domain to another
Pause Cloudflare
Manage subdomains
Interacting with Cloudflare
Access Cloudflare resources
Access compliance documentation
Solution guides
Improve SEO
Protect your origin server
Free
Pro
Business
Enterprise
Secure your website
Optimize site speed
Reference
/cdn-cgi/ endpoint
Cloudflare and Google Analytics
Cloudflare Cookies
Cloudflare Ray ID
Content Security Policies (CSPs)
HTTP request headers
Network ports
When does Cloudflare crawl my site?
Account and billing
Account setup
Create account
Verify email address
Manage account access
Create billing profile
Available roles
Customize account
Account name
Appearance
Communication preferences
Language preference
Account security
Review audit logs
Manage active sessions
Secure compromised account
Account maintenance
Cancel Cloudflare subscriptions
Change domain plan
Delete your Cloudflare account
Update billing information
Understand Cloudflare invoices
Non-contract services
Cloudflare's API
Get started
Create API token
Get API keys (legacy)
How to
Make API calls
Create tokens via API
Restrict tokens
Roll tokens
Reference
Limits
API token permissions
API token templates
API deprecations
Troubleshooting
Cloudflare's data products
About Cloudflare Analytics
Types of analytics
Analytics integrations
Datadog
Elastic
Google Cloud
Graylog
Looker
New Relic
Splunk
Sumo Logic
Customizations
Building custom views
Cloudflare Notifications
Notification History
Available Notifications
Create a Notification
Configure PagerDuty
Configure webhooks
Edit a Notification
Edit PagerDuty
Edit webhooks
API reference
Security
Challenge Passage
Network
0-RTT Connection Resumption
Signed exchanges / AMP Real URL
Signed exchanges
Enable SXGs
SXGs caveats
Reference
AMP Real URL
Enable AMP Real URL
Reference
Speed
Prefetch URLs
Cloudflare Radar
Glossary
API reference
The Internet
Glossary

Secure compromised account

If you observe suspicious activity within your Cloudflare account, secure your account with these steps.

Step 1 - Change your password

For more guidance on changing your password, refer to Change email address or password.

Step 2 - Revoke active account sessions

When there is more than one active session associated with your email account, you can revoke any session that is not the current session.

To revoke a session:

Log in to the Cloudflare dashboard.
Go to My Profile > Sessions.
On a specific section, click Revoke.
You will be prompted to enter your password before revoking the session.

Step 3 - Enable Two-Factor Authentication (2FA)

To prevent future compromises, make sure that you have Two-Factor Authentication (2FA) enabled on your account.

Step 4 - Change API keys and tokens

API keys

API tokens

Step 5 - Review the audit log

To access audit logs in the Cloudflare dashboard:

Log in to the Cloudflare dashboard and select your account.
Go to Manage Account > Audit Log.

If you notice any settings were changed, you should undo those changes.