# UA Rules ## List User Agent Blocking rules `client.Firewall.UARules.List(ctx, params) (*V4PagePaginationArray[UARuleListResponse], error)` **get** `/zones/{zone_id}/firewall/ua_rules` Fetches User Agent Blocking rules in a zone. You can filter the results using several optional parameters. ### Parameters - `params UARuleListParams` - `ZoneID param.Field[string]` Path param: Defines an identifier. - `Description param.Field[string]` Query param: A string to search for in the description of existing rules. - `Page param.Field[float64]` Query param: Page number of paginated results. - `Paused param.Field[bool]` Query param: When true, indicates that the rule is currently paused. - `PerPage param.Field[float64]` Query param: The maximum number of results per page. You can only set the value to `1` or to a multiple of 5 such as `5`, `10`, `15`, or `20`. - `UserAgent param.Field[string]` Query param: A string to search for in the user agent values of existing rules. ### Returns - `type UARuleListResponse struct{…}` - `ID string` The unique identifier of the User Agent Blocking rule. - `Configuration UARuleListResponseConfiguration` The configuration object for the current rule. - `Target string` The configuration target for this rule. You must set the target to `ua` for User Agent Blocking rules. - `Value string` The exact user agent string to match. This value will be compared to the received `User-Agent` HTTP header value. - `Description string` An informative summary of the rule. - `Mode UARuleListResponseMode` The action to apply to a matched request. - `const UARuleListResponseModeBlock UARuleListResponseMode = "block"` - `const UARuleListResponseModeChallenge UARuleListResponseMode = "challenge"` - `const UARuleListResponseModeJSChallenge UARuleListResponseMode = "js_challenge"` - `const UARuleListResponseModeManagedChallenge UARuleListResponseMode = "managed_challenge"` - `Paused bool` When true, indicates that the rule is currently paused. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.Firewall.UARules.List(context.TODO(), firewall.UARuleListParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b59", "configuration": { "target": "ua", "value": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/603.2.4 (KHTML, like Gecko) Version/10.1.1 Safari/603.2.4" }, "description": "Prevent access from abusive clients identified by this User Agent to mitigate a DDoS attack", "mode": "js_challenge", "paused": false } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get a User Agent Blocking rule `client.Firewall.UARules.Get(ctx, uaRuleID, query) (*UARuleGetResponse, error)` **get** `/zones/{zone_id}/firewall/ua_rules/{ua_rule_id}` Fetches the details of a User Agent Blocking rule. ### Parameters - `uaRuleID string` The unique identifier of the User Agent Blocking rule. - `query UARuleGetParams` - `ZoneID param.Field[string]` Defines an identifier. ### Returns - `type UARuleGetResponse struct{…}` - `ID string` The unique identifier of the User Agent Blocking rule. - `Configuration UARuleGetResponseConfiguration` The configuration object for the current rule. - `Target string` The configuration target for this rule. You must set the target to `ua` for User Agent Blocking rules. - `Value string` The exact user agent string to match. This value will be compared to the received `User-Agent` HTTP header value. - `Description string` An informative summary of the rule. - `Mode UARuleGetResponseMode` The action to apply to a matched request. - `const UARuleGetResponseModeBlock UARuleGetResponseMode = "block"` - `const UARuleGetResponseModeChallenge UARuleGetResponseMode = "challenge"` - `const UARuleGetResponseModeJSChallenge UARuleGetResponseMode = "js_challenge"` - `const UARuleGetResponseModeManagedChallenge UARuleGetResponseMode = "managed_challenge"` - `Paused bool` When true, indicates that the rule is currently paused. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) uaRule, err := client.Firewall.UARules.Get( context.TODO(), "372e67954025e0ba6aaa6d586b9e0b59", firewall.UARuleGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", uaRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b59", "configuration": { "target": "ua", "value": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/603.2.4 (KHTML, like Gecko) Version/10.1.1 Safari/603.2.4" }, "description": "Prevent access from abusive clients identified by this User Agent to mitigate a DDoS attack", "mode": "js_challenge", "paused": false }, "success": true } ``` ## Create a User Agent Blocking rule `client.Firewall.UARules.New(ctx, params) (*UARuleNewResponse, error)` **post** `/zones/{zone_id}/firewall/ua_rules` Creates a new User Agent Blocking rule in a zone. ### Parameters - `params UARuleNewParams` - `ZoneID param.Field[string]` Path param: Defines an identifier. - `Configuration param.Field[UARuleNewParamsConfiguration]` Body param - `Target UARuleNewParamsConfigurationTarget` The configuration target. You must set the target to `ua` when specifying a user agent in the rule. - `const UARuleNewParamsConfigurationTargetUA UARuleNewParamsConfigurationTarget = "ua"` - `Value string` the user agent to exactly match - `Mode param.Field[UARuleNewParamsMode]` Body param: The action to apply to a matched request. - `const UARuleNewParamsModeBlock UARuleNewParamsMode = "block"` - `const UARuleNewParamsModeChallenge UARuleNewParamsMode = "challenge"` - `const UARuleNewParamsModeWhitelist UARuleNewParamsMode = "whitelist"` - `const UARuleNewParamsModeJSChallenge UARuleNewParamsMode = "js_challenge"` - `const UARuleNewParamsModeManagedChallenge UARuleNewParamsMode = "managed_challenge"` - `Description param.Field[string]` Body param: An informative summary of the rule. This value is sanitized and any tags will be removed. - `Paused param.Field[bool]` Body param: When true, indicates that the rule is currently paused. ### Returns - `type UARuleNewResponse struct{…}` - `ID string` The unique identifier of the User Agent Blocking rule. - `Configuration UARuleNewResponseConfiguration` The configuration object for the current rule. - `Target string` The configuration target for this rule. You must set the target to `ua` for User Agent Blocking rules. - `Value string` The exact user agent string to match. This value will be compared to the received `User-Agent` HTTP header value. - `Description string` An informative summary of the rule. - `Mode UARuleNewResponseMode` The action to apply to a matched request. - `const UARuleNewResponseModeBlock UARuleNewResponseMode = "block"` - `const UARuleNewResponseModeChallenge UARuleNewResponseMode = "challenge"` - `const UARuleNewResponseModeJSChallenge UARuleNewResponseMode = "js_challenge"` - `const UARuleNewResponseModeManagedChallenge UARuleNewResponseMode = "managed_challenge"` - `Paused bool` When true, indicates that the rule is currently paused. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) uaRule, err := client.Firewall.UARules.New(context.TODO(), firewall.UARuleNewParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Configuration: cloudflare.F(firewall.UARuleNewParamsConfiguration{ }), Mode: cloudflare.F(firewall.UARuleNewParamsModeChallenge), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", uaRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b59", "configuration": { "target": "ua", "value": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/603.2.4 (KHTML, like Gecko) Version/10.1.1 Safari/603.2.4" }, "description": "Prevent access from abusive clients identified by this User Agent to mitigate a DDoS attack", "mode": "js_challenge", "paused": false }, "success": true } ``` ## Update a User Agent Blocking rule `client.Firewall.UARules.Update(ctx, uaRuleID, params) (*UARuleUpdateResponse, error)` **put** `/zones/{zone_id}/firewall/ua_rules/{ua_rule_id}` Updates an existing User Agent Blocking rule. ### Parameters - `uaRuleID string` The unique identifier of the User Agent Blocking rule. - `params UARuleUpdateParams` - `ZoneID param.Field[string]` Path param: Defines an identifier. - `Configuration param.Field[UARuleUpdateParamsConfiguration]` Body param: The rule configuration. - `type AccessRuleIPConfiguration struct{…}` - `Target AccessRuleIPConfigurationTarget` The configuration target. You must set the target to `ip` when specifying an IP address in the rule. - `const AccessRuleIPConfigurationTargetIP AccessRuleIPConfigurationTarget = "ip"` - `Value string` The IP address to match. This address will be compared to the IP address of incoming requests. - `type IPV6Configuration struct{…}` - `Target IPV6ConfigurationTarget` The configuration target. You must set the target to `ip6` when specifying an IPv6 address in the rule. - `const IPV6ConfigurationTargetIp6 IPV6ConfigurationTarget = "ip6"` - `Value string` The IPv6 address to match. - `type AccessRuleCIDRConfiguration struct{…}` - `Target AccessRuleCIDRConfigurationTarget` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the rule. - `const AccessRuleCIDRConfigurationTargetIPRange AccessRuleCIDRConfigurationTarget = "ip_range"` - `Value string` The IP address range to match. You can only use prefix lengths `/16` and `/24` for IPv4 ranges, and prefix lengths `/32`, `/48`, and `/64` for IPv6 ranges. - `type ASNConfiguration struct{…}` - `Target ASNConfigurationTarget` The configuration target. You must set the target to `asn` when specifying an Autonomous System Number (ASN) in the rule. - `const ASNConfigurationTargetASN ASNConfigurationTarget = "asn"` - `Value string` The AS number to match. - `type CountryConfiguration struct{…}` - `Target CountryConfigurationTarget` The configuration target. You must set the target to `country` when specifying a country code in the rule. - `const CountryConfigurationTargetCountry CountryConfigurationTarget = "country"` - `Value string` The two-letter ISO-3166-1 alpha-2 code to match. For more information, refer to [IP Access rules: Parameters](https://developers.cloudflare.com/waf/tools/ip-access-rules/parameters/#country). - `Mode param.Field[UARuleUpdateParamsMode]` Body param: The action to apply to a matched request. - `const UARuleUpdateParamsModeBlock UARuleUpdateParamsMode = "block"` - `const UARuleUpdateParamsModeChallenge UARuleUpdateParamsMode = "challenge"` - `const UARuleUpdateParamsModeWhitelist UARuleUpdateParamsMode = "whitelist"` - `const UARuleUpdateParamsModeJSChallenge UARuleUpdateParamsMode = "js_challenge"` - `const UARuleUpdateParamsModeManagedChallenge UARuleUpdateParamsMode = "managed_challenge"` - `Description param.Field[string]` Body param: An informative summary of the rule. This value is sanitized and any tags will be removed. - `Paused param.Field[bool]` Body param: When true, indicates that the rule is currently paused. ### Returns - `type UARuleUpdateResponse struct{…}` - `ID string` The unique identifier of the User Agent Blocking rule. - `Configuration UARuleUpdateResponseConfiguration` The configuration object for the current rule. - `Target string` The configuration target for this rule. You must set the target to `ua` for User Agent Blocking rules. - `Value string` The exact user agent string to match. This value will be compared to the received `User-Agent` HTTP header value. - `Description string` An informative summary of the rule. - `Mode UARuleUpdateResponseMode` The action to apply to a matched request. - `const UARuleUpdateResponseModeBlock UARuleUpdateResponseMode = "block"` - `const UARuleUpdateResponseModeChallenge UARuleUpdateResponseMode = "challenge"` - `const UARuleUpdateResponseModeJSChallenge UARuleUpdateResponseMode = "js_challenge"` - `const UARuleUpdateResponseModeManagedChallenge UARuleUpdateResponseMode = "managed_challenge"` - `Paused bool` When true, indicates that the rule is currently paused. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) uaRule, err := client.Firewall.UARules.Update( context.TODO(), "372e67954025e0ba6aaa6d586b9e0b59", firewall.UARuleUpdateParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Configuration: cloudflare.F[firewall.UARuleUpdateParamsConfigurationUnion](firewall.AccessRuleIPConfigurationParam{ }), Mode: cloudflare.F(firewall.UARuleUpdateParamsModeChallenge), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", uaRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b59", "configuration": { "target": "ua", "value": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/603.2.4 (KHTML, like Gecko) Version/10.1.1 Safari/603.2.4" }, "description": "Prevent access from abusive clients identified by this User Agent to mitigate a DDoS attack", "mode": "js_challenge", "paused": false }, "success": true } ``` ## Delete a User Agent Blocking rule `client.Firewall.UARules.Delete(ctx, uaRuleID, body) (*UARuleDeleteResponse, error)` **delete** `/zones/{zone_id}/firewall/ua_rules/{ua_rule_id}` Deletes an existing User Agent Blocking rule. ### Parameters - `uaRuleID string` The unique identifier of the User Agent Blocking rule. - `body UARuleDeleteParams` - `ZoneID param.Field[string]` Defines an identifier. ### Returns - `type UARuleDeleteResponse struct{…}` - `ID string` The unique identifier of the User Agent Blocking rule. - `Configuration UARuleDeleteResponseConfiguration` The configuration object for the current rule. - `Target string` The configuration target for this rule. You must set the target to `ua` for User Agent Blocking rules. - `Value string` The exact user agent string to match. This value will be compared to the received `User-Agent` HTTP header value. - `Description string` An informative summary of the rule. - `Mode UARuleDeleteResponseMode` The action to apply to a matched request. - `const UARuleDeleteResponseModeBlock UARuleDeleteResponseMode = "block"` - `const UARuleDeleteResponseModeChallenge UARuleDeleteResponseMode = "challenge"` - `const UARuleDeleteResponseModeJSChallenge UARuleDeleteResponseMode = "js_challenge"` - `const UARuleDeleteResponseModeManagedChallenge UARuleDeleteResponseMode = "managed_challenge"` - `Paused bool` When true, indicates that the rule is currently paused. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/firewall" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) uaRule, err := client.Firewall.UARules.Delete( context.TODO(), "372e67954025e0ba6aaa6d586b9e0b59", firewall.UARuleDeleteParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", uaRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b59", "configuration": { "target": "ua", "value": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/603.2.4 (KHTML, like Gecko) Version/10.1.1 Safari/603.2.4" }, "description": "Prevent access from abusive clients identified by this User Agent to mitigate a DDoS attack", "mode": "js_challenge", "paused": false }, "success": true } ```