Update a Zone Lockdown rule

PUT/zones/{zone_id}/firewall/lockdowns/{lock_downs_id}

Updates an existing Zone Lockdown rule.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Firewall Services Write

Path ParametersExpand Collapse

zone_id: string

Defines an identifier.

maxLength32

lock_downs_id: string

The unique identifier of the Zone Lockdown rule.

maxLength32

Body ParametersJSONExpand Collapse

configurations: Configuration { , }

A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of ip or ip_range configurations.

One of the following:

LockdownIPConfiguration { target, value }

target: optional "ip"

The configuration target. You must set the target to ip when specifying an IP address in the Zone Lockdown rule.

value: optional string

The IP address to match. This address will be compared to the IP address of incoming requests.

LockdownCIDRConfiguration { target, value }

target: optional "ip_range"

The configuration target. You must set the target to ip_range when specifying an IP address range in the Zone Lockdown rule.

value: optional string

The IP address range to match. You can only use prefix lengths /16 and /24.

urls: array of OverrideURL

The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns.

ReturnsExpand Collapse

errors: array of ResponseInfo { code, message, documentation_url, source }

code: number

minimum1000

message: string

documentation_url: optional string

source: optional { pointer }

pointer: optional string

messages: array of ResponseInfo { code, message, documentation_url, source }

code: number

minimum1000

message: string

documentation_url: optional string

source: optional { pointer }

pointer: optional string

result: Lockdown { id, configurations, created_on, 4 more }

id: string

The unique identifier of the Zone Lockdown rule.

maxLength32

configurations: Configuration { , }

A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of ip or ip_range configurations.

One of the following:

LockdownIPConfiguration { target, value }

target: optional "ip"

The configuration target. You must set the target to ip when specifying an IP address in the Zone Lockdown rule.

value: optional string

The IP address to match. This address will be compared to the IP address of incoming requests.

LockdownCIDRConfiguration { target, value }

target: optional "ip_range"

The configuration target. You must set the target to ip_range when specifying an IP address range in the Zone Lockdown rule.

value: optional string

The IP address range to match. You can only use prefix lengths /16 and /24.

created_on: string

The timestamp of when the rule was created.

formatdate-time

description: string

An informative summary of the rule.

maxLength1024

modified_on: string

The timestamp of when the rule was last modified.

formatdate-time

paused: boolean

When true, indicates that the rule is currently paused.

urls: array of LockdownURL

The URLs to include in the rule definition. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns.

success: true

Defines whether the API call was successful.

Update a Zone Lockdown rule

curl https://api.cloudflare.com/client/v4/zones/$ZONE_ID/firewall/lockdowns/$LOCK_DOWNS_ID \
    -X PUT \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
    -d '{
          "configurations": [
            {}
          ],
          "urls": [
            "shop.example.com/*"
          ]
        }'

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "372e67954025e0ba6aaa6d586b9e0b59",
    "configurations": [
      {
        "target": "ip",
        "value": "198.51.100.4"
      }
    ],
    "created_on": "2014-01-01T05:20:00.12345Z",
    "description": "Restrict access to these endpoints to requests from a known IP address",
    "modified_on": "2014-01-01T05:20:00.12345Z",
    "paused": false,
    "urls": [
      "api.mysite.com/some/endpoint*"
    ]
  },
  "success": true
}

Returns Examples

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "372e67954025e0ba6aaa6d586b9e0b59",
    "configurations": [
      {
        "target": "ip",
        "value": "198.51.100.4"
      }
    ],
    "created_on": "2014-01-01T05:20:00.12345Z",
    "description": "Restrict access to these endpoints to requests from a known IP address",
    "modified_on": "2014-01-01T05:20:00.12345Z",
    "paused": false,
    "urls": [
      "api.mysite.com/some/endpoint*"
    ]
  },
  "success": true
}