# Rules ## List firewall rules `client.Firewall.Rules.List(ctx, params) (*V4PagePaginationArray[FirewallRule], error)` **get** `/zones/{zone_id}/firewall/rules` Fetches firewall rules in a zone. You can filter the results using several optional parameters. ### Parameters - `params RuleListParams` - `ZoneID param.Field[string]` Path param: Defines an identifier. - `ID param.Field[string]` Query param: The unique identifier of the firewall rule. - `Action param.Field[string]` Query param: The action to search for. Must be an exact match. - `Description param.Field[string]` Query param: A case-insensitive string to find in the description. - `Page param.Field[float64]` Query param: Page number of paginated results. - `Paused param.Field[bool]` Query param: When true, indicates that the firewall rule is currently paused. - `PerPage param.Field[float64]` Query param: Number of firewall rules per page. ### Returns - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.Firewall.Rules.List(context.TODO(), firewall.RuleListParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get a firewall rule `client.Firewall.Rules.Get(ctx, ruleID, query) (*FirewallRule, error)` **get** `/zones/{zone_id}/firewall/rules/{rule_id}` Fetches the details of a firewall rule. ### Parameters - `ruleID string` The unique identifier of the firewall rule. - `query RuleGetParams` - `ZoneID param.Field[string]` Defines an identifier. ### Returns - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) firewallRule, err := client.Firewall.Rules.Get( context.TODO(), "372e67954025e0ba6aaa6d586b9e0b60", firewall.RuleGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", firewallRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" }, "success": true } ``` ## Create firewall rules `client.Firewall.Rules.New(ctx, params) (*SinglePage[FirewallRule], error)` **post** `/zones/{zone_id}/firewall/rules` Create one or more firewall rules. ### Parameters - `params RuleNewParams` - `ZoneID param.Field[string]` Path param: Defines an identifier. - `Action param.Field[RuleNewParamsAction]` Body param: The action to perform when the threshold of matched traffic within the configured period is exceeded. - `Mode RuleNewParamsActionMode` The action to perform. - `const RuleNewParamsActionModeSimulate RuleNewParamsActionMode = "simulate"` - `const RuleNewParamsActionModeBan RuleNewParamsActionMode = "ban"` - `const RuleNewParamsActionModeChallenge RuleNewParamsActionMode = "challenge"` - `const RuleNewParamsActionModeJSChallenge RuleNewParamsActionMode = "js_challenge"` - `const RuleNewParamsActionModeManagedChallenge RuleNewParamsActionMode = "managed_challenge"` - `Response RuleNewParamsActionResponse` A custom content type and reponse to return when the threshold is exceeded. The custom response configured in this object will override the custom error for the zone. This object is optional. Notes: If you omit this object, Cloudflare will use the default HTML error page. If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone challenge pages and you should not provide the "response" object. - `Body string` The response body to return. The value must conform to the configured content type. - `ContentType string` The content type of the body. Must be one of the following: `text/plain`, `text/xml`, or `application/json`. - `Timeout float64` The time in seconds during which Cloudflare will perform the mitigation action. Must be an integer value greater than or equal to the period. Notes: If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone's Challenge Passage time and you should not provide this value. - `Filter param.Field[FirewallFilter]` Body param ### Returns - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/filters" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.Firewall.Rules.New(context.TODO(), firewall.RuleNewParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Action: cloudflare.F(firewall.RuleNewParamsAction{ }), Filter: cloudflare.F(filters.FirewallFilterParam{ }), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Update a firewall rule `client.Firewall.Rules.Update(ctx, ruleID, params) (*FirewallRule, error)` **put** `/zones/{zone_id}/firewall/rules/{rule_id}` Updates an existing firewall rule. ### Parameters - `ruleID string` The unique identifier of the firewall rule. - `params RuleUpdateParams` - `ZoneID param.Field[string]` Path param: Defines an identifier. - `Action param.Field[RuleUpdateParamsAction]` Body param: The action to perform when the threshold of matched traffic within the configured period is exceeded. - `Mode RuleUpdateParamsActionMode` The action to perform. - `const RuleUpdateParamsActionModeSimulate RuleUpdateParamsActionMode = "simulate"` - `const RuleUpdateParamsActionModeBan RuleUpdateParamsActionMode = "ban"` - `const RuleUpdateParamsActionModeChallenge RuleUpdateParamsActionMode = "challenge"` - `const RuleUpdateParamsActionModeJSChallenge RuleUpdateParamsActionMode = "js_challenge"` - `const RuleUpdateParamsActionModeManagedChallenge RuleUpdateParamsActionMode = "managed_challenge"` - `Response RuleUpdateParamsActionResponse` A custom content type and reponse to return when the threshold is exceeded. The custom response configured in this object will override the custom error for the zone. This object is optional. Notes: If you omit this object, Cloudflare will use the default HTML error page. If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone challenge pages and you should not provide the "response" object. - `Body string` The response body to return. The value must conform to the configured content type. - `ContentType string` The content type of the body. Must be one of the following: `text/plain`, `text/xml`, or `application/json`. - `Timeout float64` The time in seconds during which Cloudflare will perform the mitigation action. Must be an integer value greater than or equal to the period. Notes: If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone's Challenge Passage time and you should not provide this value. - `Filter param.Field[FirewallFilter]` Body param ### Returns - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/filters" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) firewallRule, err := client.Firewall.Rules.Update( context.TODO(), "372e67954025e0ba6aaa6d586b9e0b60", firewall.RuleUpdateParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Action: cloudflare.F(firewall.RuleUpdateParamsAction{ }), Filter: cloudflare.F(filters.FirewallFilterParam{ }), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", firewallRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" }, "success": true } ``` ## Update priority of a firewall rule `client.Firewall.Rules.Edit(ctx, ruleID, body) (*SinglePage[FirewallRule], error)` **patch** `/zones/{zone_id}/firewall/rules/{rule_id}` Updates the priority of an existing firewall rule. ### Parameters - `ruleID string` The unique identifier of the firewall rule. - `body RuleEditParams` - `ZoneID param.Field[string]` Defines an identifier. ### Returns - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.Firewall.Rules.Edit( context.TODO(), "372e67954025e0ba6aaa6d586b9e0b60", firewall.RuleEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Delete a firewall rule `client.Firewall.Rules.Delete(ctx, ruleID, body) (*FirewallRule, error)` **delete** `/zones/{zone_id}/firewall/rules/{rule_id}` Deletes an existing firewall rule. ### Parameters - `ruleID string` The unique identifier of the firewall rule. - `body RuleDeleteParams` - `ZoneID param.Field[string]` Defines an identifier. ### Returns - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) firewallRule, err := client.Firewall.Rules.Delete( context.TODO(), "372e67954025e0ba6aaa6d586b9e0b60", firewall.RuleDeleteParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", firewallRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" }, "success": true } ``` ## Update firewall rules `client.Firewall.Rules.BulkUpdate(ctx, params) (*SinglePage[FirewallRule], error)` **put** `/zones/{zone_id}/firewall/rules` Updates one or more existing firewall rules. ### Parameters - `params RuleBulkUpdateParams` - `ZoneID param.Field[string]` Path param: Defines an identifier. - `Body param.Field[unknown]` Body param ### Returns - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.Firewall.Rules.BulkUpdate(context.TODO(), firewall.RuleBulkUpdateParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Body: map[string]interface{}{ }, }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Update priority of firewall rules `client.Firewall.Rules.BulkEdit(ctx, params) (*SinglePage[FirewallRule], error)` **patch** `/zones/{zone_id}/firewall/rules` Updates the priority of existing firewall rules. ### Parameters - `params RuleBulkEditParams` - `ZoneID param.Field[string]` Path param: Defines an identifier. - `Body param.Field[unknown]` Body param ### Returns - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.Firewall.Rules.BulkEdit(context.TODO(), firewall.RuleBulkEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Body: map[string]interface{}{ }, }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Delete firewall rules `client.Firewall.Rules.BulkDelete(ctx, body) (*SinglePage[FirewallRule], error)` **delete** `/zones/{zone_id}/firewall/rules` Deletes existing firewall rules. ### Parameters - `body RuleBulkDeleteParams` - `ZoneID param.Field[string]` Defines an identifier. ### Returns - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.Firewall.Rules.BulkDelete(context.TODO(), firewall.RuleBulkDeleteParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Domain Types ### Deleted Filter - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. ### Firewall Rule - `type FirewallRule struct{…}` - `ID string` The unique identifier of the firewall rule. - `Action Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `const ActionBlock Action = "block"` - `const ActionChallenge Action = "challenge"` - `const ActionJSChallenge Action = "js_challenge"` - `const ActionManagedChallenge Action = "managed_challenge"` - `const ActionAllow Action = "allow"` - `const ActionLog Action = "log"` - `const ActionBypass Action = "bypass"` - `Description string` An informative summary of the firewall rule. - `Filter FirewallRuleFilter` - `type FirewallFilter struct{…}` - `ID string` The unique identifier of the filter. - `Description string` An informative summary of the filter. - `Expression string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `Paused bool` When true, indicates that the filter is currently paused. - `Ref string` A short reference tag. Allows you to select related filters. - `type DeletedFilter struct{…}` - `ID string` The unique identifier of the filter. - `Deleted bool` When true, indicates that the firewall rule was deleted. - `Paused bool` When true, indicates that the firewall rule is currently paused. - `Priority float64` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `Products []Product` - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"` - `Ref string` A short reference tag. Allows you to select related firewall rules. ### Product - `type Product string` A list of products to bypass for a request when using the `bypass` action. - `const ProductZoneLockdown Product = "zoneLockdown"` - `const ProductUABlock Product = "uaBlock"` - `const ProductBIC Product = "bic"` - `const ProductHot Product = "hot"` - `const ProductSecurityLevel Product = "securityLevel"` - `const ProductRateLimit Product = "rateLimit"` - `const ProductWAF Product = "waf"`