Skip to content
Cloudflare API
Start here
API Reference
Rulesets

Rules

Create an account or zone ruleset rule
client.Rulesets.Rules.New(ctx, rulesetID, params) (*RuleNewResponse, error)
POST/{accounts_or_zones}/{account_or_zone_id}/rulesets/{ruleset_id}/rules
Update an account or zone ruleset rule
client.Rulesets.Rules.Edit(ctx, rulesetID, ruleID, params) (*RuleEditResponse, error)
PATCH/{accounts_or_zones}/{account_or_zone_id}/rulesets/{ruleset_id}/rules/{rule_id}
Delete an account or zone ruleset rule
client.Rulesets.Rules.Delete(ctx, rulesetID, ruleID, body) (*RuleDeleteResponse, error)
DELETE/{accounts_or_zones}/{account_or_zone_id}/rulesets/{ruleset_id}/rules/{rule_id}
ModelsExpand Collapse
type BlockRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action BlockRuleActionoptional

The action to perform when the rule matches.

ActionParameters BlockRuleActionParametersoptional

The parameters configuring the rule's action.

Response BlockRuleActionParametersResponseoptional

The response to show when the block is applied.

Content string

The content to return.

minLength1
ContentType string

The type of the content to return.

minLength1
StatusCode int64

The status code to return.

maximum499
minimum400
Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck BlockRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit BlockRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type CompressResponseRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action CompressResponseRuleActionoptional

The action to perform when the rule matches.

ActionParameters CompressResponseRuleActionParametersoptional

The parameters configuring the rule's action.

Algorithms []CompressResponseRuleActionParametersAlgorithm

Custom order for compression algorithms.

Name CompressResponseRuleActionParametersAlgorithmsNameoptional

Name of the compression algorithm to enable.

One of the following:
const CompressResponseRuleActionParametersAlgorithmsNameNone CompressResponseRuleActionParametersAlgorithmsName = "none"
const CompressResponseRuleActionParametersAlgorithmsNameAuto CompressResponseRuleActionParametersAlgorithmsName = "auto"
const CompressResponseRuleActionParametersAlgorithmsNameDefault CompressResponseRuleActionParametersAlgorithmsName = "default"
const CompressResponseRuleActionParametersAlgorithmsNameGzip CompressResponseRuleActionParametersAlgorithmsName = "gzip"
const CompressResponseRuleActionParametersAlgorithmsNameBrotli CompressResponseRuleActionParametersAlgorithmsName = "brotli"
const CompressResponseRuleActionParametersAlgorithmsNameZstd CompressResponseRuleActionParametersAlgorithmsName = "zstd"
Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck CompressResponseRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit CompressResponseRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type DDoSDynamicRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action DDoSDynamicRuleActionoptional

The action to perform when the rule matches.

ActionParameters unknownoptional

The parameters configuring the rule's action.

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck DDoSDynamicRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit DDoSDynamicRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type ExecuteRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action ExecuteRuleActionoptional

The action to perform when the rule matches.

ActionParameters ExecuteRuleActionParametersoptional

The parameters configuring the rule's action.

ID string

The ID of the ruleset to execute.

MatchedData ExecuteRuleActionParametersMatchedDataoptional

The configuration to use for matched data logging.

PublicKey string

The public key to encrypt matched data logs with.

minLength1
Overrides ExecuteRuleActionParametersOverridesoptional

A set of overrides to apply to the target ruleset.

Action stringoptional

An action to override all rules with. This option has lower precedence than rule and category overrides.

Categories []ExecuteRuleActionParametersOverridesCategoryoptional

A list of category-level overrides. This option has the second-highest precedence after rule-level overrides.

Category string

The name of the category to override.

minLength1
Action stringoptional

The action to override rules in the category with.

Enabled booloptional

Whether to enable execution of rules in the category.

SensitivityLevel ExecuteRuleActionParametersOverridesCategoriesSensitivityLeveloptional

The sensitivity level to use for rules in the category. This option is only applicable for DDoS phases.

One of the following:
const ExecuteRuleActionParametersOverridesCategoriesSensitivityLevelDefault ExecuteRuleActionParametersOverridesCategoriesSensitivityLevel = "default"
const ExecuteRuleActionParametersOverridesCategoriesSensitivityLevelMedium ExecuteRuleActionParametersOverridesCategoriesSensitivityLevel = "medium"
const ExecuteRuleActionParametersOverridesCategoriesSensitivityLevelLow ExecuteRuleActionParametersOverridesCategoriesSensitivityLevel = "low"
const ExecuteRuleActionParametersOverridesCategoriesSensitivityLevelEoff ExecuteRuleActionParametersOverridesCategoriesSensitivityLevel = "eoff"
Enabled booloptional

Whether to enable execution of all rules. This option has lower precedence than rule and category overrides.

Rules []ExecuteRuleActionParametersOverridesRuleoptional

A list of rule-level overrides. This option has the highest precedence.

ID string

The ID of the rule to override.

Action stringoptional

The action to override the rule with.

Enabled booloptional

Whether to enable execution of the rule.

ScoreThreshold int64optional

The score threshold to use for the rule.

SensitivityLevel ExecuteRuleActionParametersOverridesRulesSensitivityLeveloptional

The sensitivity level to use for the rule. This option is only applicable for DDoS phases.

One of the following:
const ExecuteRuleActionParametersOverridesRulesSensitivityLevelDefault ExecuteRuleActionParametersOverridesRulesSensitivityLevel = "default"
const ExecuteRuleActionParametersOverridesRulesSensitivityLevelMedium ExecuteRuleActionParametersOverridesRulesSensitivityLevel = "medium"
const ExecuteRuleActionParametersOverridesRulesSensitivityLevelLow ExecuteRuleActionParametersOverridesRulesSensitivityLevel = "low"
const ExecuteRuleActionParametersOverridesRulesSensitivityLevelEoff ExecuteRuleActionParametersOverridesRulesSensitivityLevel = "eoff"
SensitivityLevel ExecuteRuleActionParametersOverridesSensitivityLeveloptional

A sensitivity level to set for all rules. This option has lower precedence than rule and category overrides and is only applicable for DDoS phases.

One of the following:
const ExecuteRuleActionParametersOverridesSensitivityLevelDefault ExecuteRuleActionParametersOverridesSensitivityLevel = "default"
const ExecuteRuleActionParametersOverridesSensitivityLevelMedium ExecuteRuleActionParametersOverridesSensitivityLevel = "medium"
const ExecuteRuleActionParametersOverridesSensitivityLevelLow ExecuteRuleActionParametersOverridesSensitivityLevel = "low"
const ExecuteRuleActionParametersOverridesSensitivityLevelEoff ExecuteRuleActionParametersOverridesSensitivityLevel = "eoff"
Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck ExecuteRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit ExecuteRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type ForceConnectionCloseRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action ForceConnectionCloseRuleActionoptional

The action to perform when the rule matches.

ActionParameters unknownoptional

The parameters configuring the rule's action.

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck ForceConnectionCloseRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit ForceConnectionCloseRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type LogCustomFieldRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action LogCustomFieldRuleActionoptional

The action to perform when the rule matches.

ActionParameters LogCustomFieldRuleActionParametersoptional

The parameters configuring the rule's action.

RawResponseFields []LogCustomFieldRuleActionParametersRawResponseFieldoptional

The raw response fields to log.

Name string

The name of the response header.

minLength1
PreserveDuplicates booloptional

Whether to log duplicate values of the same header.

RequestFields []LogCustomFieldRuleActionParametersRequestFieldoptional

The raw request fields to log.

Name string

The name of the header.

minLength1
ResponseFields []LogCustomFieldRuleActionParametersResponseFieldoptional

The transformed response fields to log.

Name string

The name of the response header.

minLength1
PreserveDuplicates booloptional

Whether to log duplicate values of the same header.

TransformedRequestFields []LogCustomFieldRuleActionParametersTransformedRequestFieldoptional

The transformed request fields to log.

Name string

The name of the header.

minLength1
Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck LogCustomFieldRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit LogCustomFieldRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type LogRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action LogRuleActionoptional

The action to perform when the rule matches.

ActionParameters unknownoptional

The parameters configuring the rule's action.

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck LogRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit LogRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type Logging struct{…}

An object configuring the rule's logging behavior.

Enabled bool

Whether to generate a log when the rule matches.

type ManagedChallengeRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action ManagedChallengeRuleActionoptional

The action to perform when the rule matches.

ActionParameters unknownoptional

The parameters configuring the rule's action.

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck ManagedChallengeRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit ManagedChallengeRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type RedirectRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action RedirectRuleActionoptional

The action to perform when the rule matches.

ActionParameters RedirectRuleActionParametersoptional

The parameters configuring the rule's action.

FromList RedirectRuleActionParametersFromListoptional

A redirect based on a bulk list lookup.

Key string

An expression that evaluates to the list lookup key.

minLength1
Name string

The name of the list to match against.

FromValue RedirectRuleActionParametersFromValueoptional

A redirect based on the request properties.

TargetURL RedirectRuleActionParametersFromValueTargetURL

A URL to redirect the request to.

Expression stringoptional

An expression that evaluates to a URL to redirect the request to.

minLength1
Value stringoptional

A URL to redirect the request to.

minLength1
PreserveQueryString booloptional

Whether to keep the query string of the original request.

StatusCode RedirectRuleActionParametersFromValueStatusCodeoptional

The status code to use for the redirect.

One of the following:
const RedirectRuleActionParametersFromValueStatusCode301 RedirectRuleActionParametersFromValueStatusCode = 301
const RedirectRuleActionParametersFromValueStatusCode302 RedirectRuleActionParametersFromValueStatusCode = 302
const RedirectRuleActionParametersFromValueStatusCode303 RedirectRuleActionParametersFromValueStatusCode = 303
const RedirectRuleActionParametersFromValueStatusCode307 RedirectRuleActionParametersFromValueStatusCode = 307
const RedirectRuleActionParametersFromValueStatusCode308 RedirectRuleActionParametersFromValueStatusCode = 308
Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck RedirectRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit RedirectRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type RewriteRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action RewriteRuleActionoptional

The action to perform when the rule matches.

ActionParameters RewriteRuleActionParametersoptional

The parameters configuring the rule's action.

Headers map[string, RewriteRuleActionParametersHeader]optional

A map of headers to rewrite.

One of the following:
type RewriteRuleActionParametersHeadersAddStaticHeader struct{…}

A header with a static value to add.

Operation RewriteRuleActionParametersHeadersAddStaticHeaderOperation

The operation to perform on the header.

Value string

A static value for the header.

minLength1
type RewriteRuleActionParametersHeadersAddDynamicHeader struct{…}

A header with a dynamic value to add.

Expression string

An expression that evaluates to a value for the header.

minLength1
Operation RewriteRuleActionParametersHeadersAddDynamicHeaderOperation

The operation to perform on the header.

type RewriteRuleActionParametersHeadersSetStaticHeader struct{…}

A header with a static value to set.

Operation RewriteRuleActionParametersHeadersSetStaticHeaderOperation

The operation to perform on the header.

Value string

A static value for the header.

minLength1
type RewriteRuleActionParametersHeadersSetDynamicHeader struct{…}

A header with a dynamic value to set.

Expression string

An expression that evaluates to a value for the header.

minLength1
Operation RewriteRuleActionParametersHeadersSetDynamicHeaderOperation

The operation to perform on the header.

type RewriteRuleActionParametersHeadersRemoveHeader struct{…}

A header to remove.

Operation RewriteRuleActionParametersHeadersRemoveHeaderOperation

The operation to perform on the header.

URI RewriteRuleActionParametersURIoptional

A URI path rewrite.

One of the following:
type RewriteRuleActionParametersURIURIPath struct{…}

A URI path rewrite.

Path RewriteRuleActionParametersURIURIPathPath

A URI path rewrite.

Expression stringoptional

An expression that evaluates to a value to rewrite the URI path to.

minLength1
Value stringoptional

A value to rewrite the URI path to.

minLength1
Origin booloptional

Whether to propagate the rewritten URI to origin.

type RewriteRuleActionParametersURIURIQuery struct{…}

A URI query rewrite.

Query RewriteRuleActionParametersURIURIQueryQuery

A URI query rewrite.

Expression stringoptional

An expression that evaluates to a value to rewrite the URI query to.

minLength1
Value stringoptional

A value to rewrite the URI query to.

Origin booloptional

Whether to propagate the rewritten URI to origin.

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck RewriteRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit RewriteRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type RouteRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action RouteRuleActionoptional

The action to perform when the rule matches.

ActionParameters RouteRuleActionParametersoptional

The parameters configuring the rule's action.

HostHeader stringoptional

A value to rewrite the HTTP host header to.

minLength1
Origin RouteRuleActionParametersOriginoptional

An origin to route to.

Host stringoptional

A resolved host to route to.

minLength1
Port int64optional

A destination port to route to.

maximum65535
minimum1
SNI RouteRuleActionParametersSNIoptional

A Server Name Indication (SNI) override.

Value string

A value to override the SNI to.

minLength1
Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck RouteRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit RouteRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type RulesetRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action stringoptional

The action to perform when the rule matches.

ActionParameters unknownoptional

The parameters configuring the rule's action.

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck RulesetRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit RulesetRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type ScoreRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action ScoreRuleActionoptional

The action to perform when the rule matches.

ActionParameters ScoreRuleActionParametersoptional

The parameters configuring the rule's action.

Increment int64

A delta to change the score by, which can be either positive or negative.

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck ScoreRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit ScoreRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type ServeErrorRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action ServeErrorRuleActionoptional

The action to perform when the rule matches.

ActionParameters ServeErrorRuleActionParametersoptional

The parameters configuring the rule's action.

One of the following:
type ServeErrorRuleActionParametersActionParametersContent struct{…}
Content string

The response content.

minLength1
ContentType ServeErrorRuleActionParametersActionParametersContentContentTypeoptional

The content type header to set with the error response.

One of the following:
const ServeErrorRuleActionParametersActionParametersContentContentTypeApplicationJson ServeErrorRuleActionParametersActionParametersContentContentType = "application/json"
const ServeErrorRuleActionParametersActionParametersContentContentTypeTextHTML ServeErrorRuleActionParametersActionParametersContentContentType = "text/html"
const ServeErrorRuleActionParametersActionParametersContentContentTypeTextPlain ServeErrorRuleActionParametersActionParametersContentContentType = "text/plain"
const ServeErrorRuleActionParametersActionParametersContentContentTypeTextXml ServeErrorRuleActionParametersActionParametersContentContentType = "text/xml"
StatusCode int64optional

The status code to use for the error.

maximum999
minimum400
type ServeErrorRuleActionParametersActionParametersAsset struct{…}
AssetName string

The name of a custom asset to serve as the error response.

minLength1
ContentType ServeErrorRuleActionParametersActionParametersAssetContentTypeoptional

The content type header to set with the error response.

One of the following:
const ServeErrorRuleActionParametersActionParametersAssetContentTypeApplicationJson ServeErrorRuleActionParametersActionParametersAssetContentType = "application/json"
const ServeErrorRuleActionParametersActionParametersAssetContentTypeTextHTML ServeErrorRuleActionParametersActionParametersAssetContentType = "text/html"
const ServeErrorRuleActionParametersActionParametersAssetContentTypeTextPlain ServeErrorRuleActionParametersActionParametersAssetContentType = "text/plain"
const ServeErrorRuleActionParametersActionParametersAssetContentTypeTextXml ServeErrorRuleActionParametersActionParametersAssetContentType = "text/xml"
StatusCode int64optional

The status code to use for the error.

maximum999
minimum400
Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck ServeErrorRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit ServeErrorRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type SetCacheSettingsRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action SetCacheSettingsRuleActionoptional

The action to perform when the rule matches.

ActionParameters SetCacheSettingsRuleActionParametersoptional

The parameters configuring the rule's action.

AdditionalCacheablePorts []int64optional

A list of additional ports that caching should be enabled on.

BrowserTTL SetCacheSettingsRuleActionParametersBrowserTTLoptional

How long client browsers should cache the response. Cloudflare cache purge will not purge content cached on client browsers, so high browser TTLs may lead to stale content.

Mode SetCacheSettingsRuleActionParametersBrowserTTLMode

The browser TTL mode.

One of the following:
const SetCacheSettingsRuleActionParametersBrowserTTLModeRespectOrigin SetCacheSettingsRuleActionParametersBrowserTTLMode = "respect_origin"
const SetCacheSettingsRuleActionParametersBrowserTTLModeBypassByDefault SetCacheSettingsRuleActionParametersBrowserTTLMode = "bypass_by_default"
const SetCacheSettingsRuleActionParametersBrowserTTLModeOverrideOrigin SetCacheSettingsRuleActionParametersBrowserTTLMode = "override_origin"
const SetCacheSettingsRuleActionParametersBrowserTTLModeBypass SetCacheSettingsRuleActionParametersBrowserTTLMode = "bypass"
Default int64optional

The browser TTL (in seconds) if you choose the "override_origin" mode.

minimum0
Cache booloptional

Whether the request's response from the origin is eligible for caching. Caching itself will still depend on the cache control header and your other caching configurations.

CacheKey SetCacheSettingsRuleActionParametersCacheKeyoptional

Which components of the request are included in or excluded from the cache key Cloudflare uses to store the response in cache.

CacheByDeviceType booloptional

Whether to separate cached content based on the visitor's device type.

CacheDeceptionArmor booloptional

Whether to protect from web cache deception attacks, while allowing static assets to be cached.

CustomKey SetCacheSettingsRuleActionParametersCacheKeyCustomKeyoptional

Which components of the request are included or excluded from the cache key.

Header SetCacheSettingsRuleActionParametersCacheKeyCustomKeyHeaderoptional

Which headers to include in the cache key.

CheckPresence []stringoptional

A list of headers to check for the presence of. The presence of these headers is included in the cache key.

Contains map[string, []string]optional

A mapping of header names to a list of values. If a header is present in the request and contains any of the values provided, its value is included in the cache key.

ExcludeOrigin booloptional

Whether to exclude the origin header in the cache key.

Include []stringoptional

A list of headers to include in the cache key.

Host SetCacheSettingsRuleActionParametersCacheKeyCustomKeyHostoptional

How to use the host in the cache key.

Resolved booloptional

Whether to use the resolved host in the cache key.

QueryString SetCacheSettingsRuleActionParametersCacheKeyCustomKeyQueryStringoptional

Which query string parameters to include in or exclude from the cache key.

Exclude SetCacheSettingsRuleActionParametersCacheKeyCustomKeyQueryStringExcludeoptional

Which query string parameters to exclude from the cache key.

All SetCacheSettingsRuleActionParametersCacheKeyCustomKeyQueryStringExcludeAlloptional

Whether to exclude all query string parameters from the cache key.

List []stringoptional

A list of query string parameters to exclude from the cache key.

Include SetCacheSettingsRuleActionParametersCacheKeyCustomKeyQueryStringIncludeoptional

Which query string parameters to include in the cache key.

All SetCacheSettingsRuleActionParametersCacheKeyCustomKeyQueryStringIncludeAlloptional

Whether to include all query string parameters in the cache key.

List []stringoptional

A list of query string parameters to include in the cache key.

User SetCacheSettingsRuleActionParametersCacheKeyCustomKeyUseroptional

How to use characteristics of the request user agent in the cache key.

DeviceType booloptional

Whether to use the user agent's device type in the cache key.

Geo booloptional

Whether to use the user agents's country in the cache key.

Lang booloptional

Whether to use the user agent's language in the cache key.

IgnoreQueryStringsOrder booloptional

Whether to treat requests with the same query parameters the same, regardless of the order those query parameters are in.

CacheReserve SetCacheSettingsRuleActionParametersCacheReserveoptional

Settings to determine whether the request's response from origin is eligible for Cache Reserve (requires a Cache Reserve add-on plan).

Eligible bool

Whether Cache Reserve is enabled. If this is true and a request meets eligibility criteria, Cloudflare will write the resource to Cache Reserve.

MinimumFileSize int64optional

The minimum file size eligible for storage in Cache Reserve.

minimum0
EdgeTTL SetCacheSettingsRuleActionParametersEdgeTTLoptional

How long the Cloudflare edge network should cache the response.

Mode SetCacheSettingsRuleActionParametersEdgeTTLMode

The edge TTL mode.

One of the following:
const SetCacheSettingsRuleActionParametersEdgeTTLModeRespectOrigin SetCacheSettingsRuleActionParametersEdgeTTLMode = "respect_origin"
const SetCacheSettingsRuleActionParametersEdgeTTLModeBypassByDefault SetCacheSettingsRuleActionParametersEdgeTTLMode = "bypass_by_default"
const SetCacheSettingsRuleActionParametersEdgeTTLModeOverrideOrigin SetCacheSettingsRuleActionParametersEdgeTTLMode = "override_origin"
Default int64optional

The edge TTL (in seconds) if you choose the "override_origin" mode.

minimum0
StatusCodeTTL []SetCacheSettingsRuleActionParametersEdgeTTLStatusCodeTTLoptional

A list of TTLs to apply to specific status codes or status code ranges.

Value int64

The time to cache the response for (in seconds). A value of 0 is equivalent to setting the cache control header with the value "no-cache". A value of -1 is equivalent to setting the cache control header with the value of "no-store".

StatusCode int64optional

A single status code to apply the TTL to.

maximum999
minimum100
StatusCodeRange SetCacheSettingsRuleActionParametersEdgeTTLStatusCodeTTLStatusCodeRangeoptional

A range of status codes to apply the TTL to.

From int64optional

The lower bound of the range.

maximum999
minimum100
To int64optional

The upper bound of the range.

maximum999
minimum100
OriginCacheControl booloptional

Whether Cloudflare will aim to strictly adhere to RFC 7234.

OriginErrorPagePassthru booloptional

Whether to generate Cloudflare error pages for issues from the origin server.

ReadTimeout int64optional

A timeout value between two successive read operations to use for your origin server. Historically, the timeout value between two read options from Cloudflare to an origin server is 100 seconds. If you are attempting to reduce HTTP 524 errors because of timeouts from an origin server, try increasing this timeout value.

maximum6000
minimum100
RespectStrongEtags booloptional

Whether Cloudflare should respect strong ETag (entity tag) headers. If false, Cloudflare converts strong ETag headers to weak ETag headers.

ServeStale SetCacheSettingsRuleActionParametersServeStaleoptional

When to serve stale content from cache.

DisableStaleWhileUpdating booloptional

Whether Cloudflare should disable serving stale content while getting the latest content from the origin.

SharedDictionary SetCacheSettingsRuleActionParametersSharedDictionaryoptional

Configuration for shared dictionary compression. When set, Cloudflare injects Use-As-Dictionary headers on matching cacheable responses.

MatchPattern string

URL pattern for the Use-As-Dictionary match field. This pattern specifies which URLs can use this response as a dictionary.

maxLength1024
minLength1
StripEtags booloptional

Whether to strip ETag headers from the origin response before caching.

StripLastModified booloptional

Whether to strip Last-Modified headers from the origin response before caching.

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck SetCacheSettingsRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit SetCacheSettingsRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type SetConfigRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action SetConfigRuleActionoptional

The action to perform when the rule matches.

ActionParameters SetConfigRuleActionParametersoptional

The parameters configuring the rule's action.

AutomaticHTTPSRewrites booloptional

Whether to enable Automatic HTTPS Rewrites.

Autominify SetConfigRuleActionParametersAutominifyoptional

Which file extensions to minify automatically.

CSS booloptional

Whether to minify CSS files.

HTML booloptional

Whether to minify HTML files.

JS booloptional

Whether to minify JavaScript files.

BIC booloptional

Whether to enable Browser Integrity Check (BIC).

ContentConverter booloptional

Whether to enable content conversion (e.g., HTML to Markdown).

DeprecatedDisableApps SetConfigRuleActionParametersDisableAppsoptional
Cloudflare Apps are deprected.

Whether to disable Cloudflare Apps.

DisablePayPerCrawl SetConfigRuleActionParametersDisablePayPerCrawloptional

Whether to disable Pay Per Crawl.

DisableRUM SetConfigRuleActionParametersDisableRUMoptional

Whether to disable Real User Monitoring (RUM).

DisableZaraz SetConfigRuleActionParametersDisableZarazoptional

Whether to disable Zaraz.

EmailObfuscation booloptional

Whether to enable Email Obfuscation.

Fonts booloptional

Whether to enable Cloudflare Fonts.

DeprecatedMirage booloptional
Mirage is deprecated. More information at https://developers.cloudflare.com/speed/optimization/images/mirage/.

Whether to enable Mirage.

OpportunisticEncryption booloptional

Whether to enable Opportunistic Encryption.

Polish SetConfigRuleActionParametersPolishoptional

The Polish level to configure.

One of the following:
const SetConfigRuleActionParametersPolishOff SetConfigRuleActionParametersPolish = "off"
const SetConfigRuleActionParametersPolishLossless SetConfigRuleActionParametersPolish = "lossless"
const SetConfigRuleActionParametersPolishLossy SetConfigRuleActionParametersPolish = "lossy"
const SetConfigRuleActionParametersPolishWebP SetConfigRuleActionParametersPolish = "webp"
RedirectsForAITraining booloptional

Whether to redirect verified AI training crawlers to canonical URLs found in the HTML response.

RequestBodyBuffering SetConfigRuleActionParametersRequestBodyBufferingoptional

The request body buffering mode.

One of the following:
const SetConfigRuleActionParametersRequestBodyBufferingNone SetConfigRuleActionParametersRequestBodyBuffering = "none"
const SetConfigRuleActionParametersRequestBodyBufferingStandard SetConfigRuleActionParametersRequestBodyBuffering = "standard"
const SetConfigRuleActionParametersRequestBodyBufferingFull SetConfigRuleActionParametersRequestBodyBuffering = "full"
ResponseBodyBuffering SetConfigRuleActionParametersResponseBodyBufferingoptional

The response body buffering mode.

One of the following:
const SetConfigRuleActionParametersResponseBodyBufferingNone SetConfigRuleActionParametersResponseBodyBuffering = "none"
const SetConfigRuleActionParametersResponseBodyBufferingStandard SetConfigRuleActionParametersResponseBodyBuffering = "standard"
RocketLoader booloptional

Whether to enable Rocket Loader.

SecurityLevel SetConfigRuleActionParametersSecurityLeveloptional

The Security Level to configure.

One of the following:
const SetConfigRuleActionParametersSecurityLevelOff SetConfigRuleActionParametersSecurityLevel = "off"
const SetConfigRuleActionParametersSecurityLevelEssentiallyOff SetConfigRuleActionParametersSecurityLevel = "essentially_off"
const SetConfigRuleActionParametersSecurityLevelLow SetConfigRuleActionParametersSecurityLevel = "low"
const SetConfigRuleActionParametersSecurityLevelMedium SetConfigRuleActionParametersSecurityLevel = "medium"
const SetConfigRuleActionParametersSecurityLevelHigh SetConfigRuleActionParametersSecurityLevel = "high"
const SetConfigRuleActionParametersSecurityLevelUnderAttack SetConfigRuleActionParametersSecurityLevel = "under_attack"
ServerSideExcludes booloptional

Whether to enable Server-Side Excludes.

SSL SetConfigRuleActionParametersSSLoptional

The SSL level to configure.

One of the following:
const SetConfigRuleActionParametersSSLOff SetConfigRuleActionParametersSSL = "off"
const SetConfigRuleActionParametersSSLFlexible SetConfigRuleActionParametersSSL = "flexible"
const SetConfigRuleActionParametersSSLFull SetConfigRuleActionParametersSSL = "full"
const SetConfigRuleActionParametersSSLStrict SetConfigRuleActionParametersSSL = "strict"
const SetConfigRuleActionParametersSSLOriginPull SetConfigRuleActionParametersSSL = "origin_pull"
SXG booloptional

Whether to enable Signed Exchanges (SXG).

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck SetConfigRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit SetConfigRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1
type SkipRule struct{…}
LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time
Version string

The version of the rule.

ID stringoptional

The unique ID of the rule.

Action SkipRuleActionoptional

The action to perform when the rule matches.

ActionParameters SkipRuleActionParametersoptional

The parameters configuring the rule's action.

Phase SkipRuleActionParametersPhaseoptional

A phase to skip the execution of. This option is only compatible with the products option.

Phases []Phaseoptional

A list of phases to skip the execution of. This option is incompatible with the rulesets option.

One of the following:
const PhaseDDoSL4 Phase = "ddos_l4"
const PhaseDDoSL7 Phase = "ddos_l7"
const PhaseHTTPConfigSettings Phase = "http_config_settings"
const PhaseHTTPCustomErrors Phase = "http_custom_errors"
const PhaseHTTPLogCustomFields Phase = "http_log_custom_fields"
const PhaseHTTPRatelimit Phase = "http_ratelimit"
const PhaseHTTPRequestCacheSettings Phase = "http_request_cache_settings"
const PhaseHTTPRequestDynamicRedirect Phase = "http_request_dynamic_redirect"
const PhaseHTTPRequestFirewallCustom Phase = "http_request_firewall_custom"
const PhaseHTTPRequestFirewallManaged Phase = "http_request_firewall_managed"
const PhaseHTTPRequestLateTransform Phase = "http_request_late_transform"
const PhaseHTTPRequestOrigin Phase = "http_request_origin"
const PhaseHTTPRequestRedirect Phase = "http_request_redirect"
const PhaseHTTPRequestSanitize Phase = "http_request_sanitize"
const PhaseHTTPRequestSBFM Phase = "http_request_sbfm"
const PhaseHTTPRequestTransform Phase = "http_request_transform"
const PhaseHTTPResponseCacheSettings Phase = "http_response_cache_settings"
const PhaseHTTPResponseCompression Phase = "http_response_compression"
const PhaseHTTPResponseFirewallManaged Phase = "http_response_firewall_managed"
const PhaseHTTPResponseHeadersTransform Phase = "http_response_headers_transform"
const PhaseMagicTransit Phase = "magic_transit"
const PhaseMagicTransitIDsManaged Phase = "magic_transit_ids_managed"
const PhaseMagicTransitManaged Phase = "magic_transit_managed"
const PhaseMagicTransitRatelimit Phase = "magic_transit_ratelimit"
Products []SkipRuleActionParametersProductoptional

A list of legacy security products to skip the execution of.

One of the following:
const SkipRuleActionParametersProductBIC SkipRuleActionParametersProduct = "bic"
const SkipRuleActionParametersProductHot SkipRuleActionParametersProduct = "hot"
const SkipRuleActionParametersProductRateLimit SkipRuleActionParametersProduct = "rateLimit"
const SkipRuleActionParametersProductSecurityLevel SkipRuleActionParametersProduct = "securityLevel"
const SkipRuleActionParametersProductUABlock SkipRuleActionParametersProduct = "uaBlock"
const SkipRuleActionParametersProductWAF SkipRuleActionParametersProduct = "waf"
const SkipRuleActionParametersProductZoneLockdown SkipRuleActionParametersProduct = "zoneLockdown"
Rules map[string, []string]optional

A mapping of ruleset IDs to a list of rule IDs in that ruleset to skip the execution of. This option is incompatible with the ruleset option.

Ruleset SkipRuleActionParametersRulesetoptional

A ruleset to skip the execution of. This option is incompatible with the rulesets option.

Rulesets []stringoptional

A list of ruleset IDs to skip the execution of. This option is incompatible with the ruleset and phases options.

Categories []stringoptional

The categories of the rule.

Description stringoptional

An informative description of the rule.

Enabled booloptional

Whether the rule should be executed.

ExposedCredentialCheck SkipRuleExposedCredentialCheckoptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1
UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1
Expression stringoptional

The expression defining which traffic will match the rule.

minLength1
Logging Loggingoptional

An object configuring the rule's logging behavior.

Ratelimit SkipRuleRatelimitoptional

An object configuring the rule's rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0
CountingExpression stringoptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule's expression.

minLength1
MitigationTimeout int64optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1
RequestsToOrigin booloptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringoptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1
Ref stringoptional

The reference of the rule (the rule's ID by default).

minLength1