# Lockdowns ## List Zone Lockdown rules `client.firewall.lockdowns.list(LockdownListParamsparams, RequestOptionsoptions?): V4PagePaginationArray` **get** `/zones/{zone_id}/firewall/lockdowns` Fetches Zone Lockdown rules. You can filter the results using several optional parameters. ### Parameters - `params: LockdownListParams` - `zone_id: string` Path param: Defines an identifier. - `created_on?: string` Query param: The timestamp of when the rule was created. - `description?: string` Query param: A string to search for in the description of existing rules. - `description_search?: string` Query param: A string to search for in the description of existing rules. - `ip?: string` Query param: A single IP address to search for in existing rules. - `ip_range_search?: string` Query param: A single IP address range to search for in existing rules. - `ip_search?: string` Query param: A single IP address to search for in existing rules. - `modified_on?: string` Query param: The timestamp of when the rule was last modified. - `page?: number` Query param: Page number of paginated results. - `per_page?: number` Query param: The maximum number of results per page. You can only set the value to `1` or to a multiple of 5 such as `5`, `10`, `15`, or `20`. - `priority?: number` Query param: The priority of the rule to control the processing order. A lower number indicates higher priority. If not provided, any rules with a configured priority will be processed before rules without a priority. - `uri_search?: string` Query param: A single URI to search for in the list of URLs of existing rules. ### Returns - `Lockdown` - `id: string` The unique identifier of the Zone Lockdown rule. - `configurations: Configuration` A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of `ip` or `ip_range` configurations. - `LockdownIPConfiguration` - `target?: "ip"` The configuration target. You must set the target to `ip` when specifying an IP address in the Zone Lockdown rule. - `"ip"` - `value?: string` The IP address to match. This address will be compared to the IP address of incoming requests. - `LockdownCIDRConfiguration` - `target?: "ip_range"` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the Zone Lockdown rule. - `"ip_range"` - `value?: string` The IP address range to match. You can only use prefix lengths `/16` and `/24`. - `created_on: string` The timestamp of when the rule was created. - `description: string` An informative summary of the rule. - `modified_on: string` The timestamp of when the rule was last modified. - `paused: boolean` When true, indicates that the rule is currently paused. - `urls: Array` The URLs to include in the rule definition. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const lockdown of client.firewall.lockdowns.list({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(lockdown.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b59", "configurations": [ { "target": "ip", "value": "198.51.100.4" } ], "created_on": "2014-01-01T05:20:00.12345Z", "description": "Restrict access to these endpoints to requests from a known IP address", "modified_on": "2014-01-01T05:20:00.12345Z", "paused": false, "urls": [ "api.mysite.com/some/endpoint*" ] } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get a Zone Lockdown rule `client.firewall.lockdowns.get(stringlockDownsId, LockdownGetParamsparams, RequestOptionsoptions?): Lockdown` **get** `/zones/{zone_id}/firewall/lockdowns/{lock_downs_id}` Fetches the details of a Zone Lockdown rule. ### Parameters - `lockDownsId: string` The unique identifier of the Zone Lockdown rule. - `params: LockdownGetParams` - `zone_id: string` Defines an identifier. ### Returns - `Lockdown` - `id: string` The unique identifier of the Zone Lockdown rule. - `configurations: Configuration` A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of `ip` or `ip_range` configurations. - `LockdownIPConfiguration` - `target?: "ip"` The configuration target. You must set the target to `ip` when specifying an IP address in the Zone Lockdown rule. - `"ip"` - `value?: string` The IP address to match. This address will be compared to the IP address of incoming requests. - `LockdownCIDRConfiguration` - `target?: "ip_range"` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the Zone Lockdown rule. - `"ip_range"` - `value?: string` The IP address range to match. You can only use prefix lengths `/16` and `/24`. - `created_on: string` The timestamp of when the rule was created. - `description: string` An informative summary of the rule. - `modified_on: string` The timestamp of when the rule was last modified. - `paused: boolean` When true, indicates that the rule is currently paused. - `urls: Array` The URLs to include in the rule definition. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const lockdown = await client.firewall.lockdowns.get('372e67954025e0ba6aaa6d586b9e0b59', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(lockdown.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b59", "configurations": [ { "target": "ip", "value": "198.51.100.4" } ], "created_on": "2014-01-01T05:20:00.12345Z", "description": "Restrict access to these endpoints to requests from a known IP address", "modified_on": "2014-01-01T05:20:00.12345Z", "paused": false, "urls": [ "api.mysite.com/some/endpoint*" ] }, "success": true } ``` ## Create a Zone Lockdown rule `client.firewall.lockdowns.create(LockdownCreateParamsparams, RequestOptionsoptions?): Lockdown` **post** `/zones/{zone_id}/firewall/lockdowns` Creates a new Zone Lockdown rule. ### Parameters - `params: LockdownCreateParams` - `zone_id: string` Path param: Defines an identifier. - `configurations: Configuration` Body param: A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of `ip` or `ip_range` configurations. - `LockdownIPConfiguration` - `target?: "ip"` The configuration target. You must set the target to `ip` when specifying an IP address in the Zone Lockdown rule. - `"ip"` - `value?: string` The IP address to match. This address will be compared to the IP address of incoming requests. - `LockdownCIDRConfiguration` - `target?: "ip_range"` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the Zone Lockdown rule. - `"ip_range"` - `value?: string` The IP address range to match. You can only use prefix lengths `/16` and `/24`. - `urls: Array` Body param: The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. - `description?: string` Body param: An informative summary of the rule. This value is sanitized and any tags will be removed. - `paused?: boolean` Body param: When true, indicates that the rule is currently paused. - `priority?: number` Body param: The priority of the rule to control the processing order. A lower number indicates higher priority. If not provided, any rules with a configured priority will be processed before rules without a priority. ### Returns - `Lockdown` - `id: string` The unique identifier of the Zone Lockdown rule. - `configurations: Configuration` A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of `ip` or `ip_range` configurations. - `LockdownIPConfiguration` - `target?: "ip"` The configuration target. You must set the target to `ip` when specifying an IP address in the Zone Lockdown rule. - `"ip"` - `value?: string` The IP address to match. This address will be compared to the IP address of incoming requests. - `LockdownCIDRConfiguration` - `target?: "ip_range"` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the Zone Lockdown rule. - `"ip_range"` - `value?: string` The IP address range to match. You can only use prefix lengths `/16` and `/24`. - `created_on: string` The timestamp of when the rule was created. - `description: string` An informative summary of the rule. - `modified_on: string` The timestamp of when the rule was last modified. - `paused: boolean` When true, indicates that the rule is currently paused. - `urls: Array` The URLs to include in the rule definition. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const lockdown = await client.firewall.lockdowns.create({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', configurations: [{}], urls: ['shop.example.com/*'], }); console.log(lockdown.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b59", "configurations": [ { "target": "ip", "value": "198.51.100.4" } ], "created_on": "2014-01-01T05:20:00.12345Z", "description": "Restrict access to these endpoints to requests from a known IP address", "modified_on": "2014-01-01T05:20:00.12345Z", "paused": false, "urls": [ "api.mysite.com/some/endpoint*" ] }, "success": true } ``` ## Update a Zone Lockdown rule `client.firewall.lockdowns.update(stringlockDownsId, LockdownUpdateParamsparams, RequestOptionsoptions?): Lockdown` **put** `/zones/{zone_id}/firewall/lockdowns/{lock_downs_id}` Updates an existing Zone Lockdown rule. ### Parameters - `lockDownsId: string` The unique identifier of the Zone Lockdown rule. - `params: LockdownUpdateParams` - `zone_id: string` Path param: Defines an identifier. - `configurations: Configuration` Body param: A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of `ip` or `ip_range` configurations. - `LockdownIPConfiguration` - `target?: "ip"` The configuration target. You must set the target to `ip` when specifying an IP address in the Zone Lockdown rule. - `"ip"` - `value?: string` The IP address to match. This address will be compared to the IP address of incoming requests. - `LockdownCIDRConfiguration` - `target?: "ip_range"` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the Zone Lockdown rule. - `"ip_range"` - `value?: string` The IP address range to match. You can only use prefix lengths `/16` and `/24`. - `urls: Array` Body param: The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Returns - `Lockdown` - `id: string` The unique identifier of the Zone Lockdown rule. - `configurations: Configuration` A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of `ip` or `ip_range` configurations. - `LockdownIPConfiguration` - `target?: "ip"` The configuration target. You must set the target to `ip` when specifying an IP address in the Zone Lockdown rule. - `"ip"` - `value?: string` The IP address to match. This address will be compared to the IP address of incoming requests. - `LockdownCIDRConfiguration` - `target?: "ip_range"` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the Zone Lockdown rule. - `"ip_range"` - `value?: string` The IP address range to match. You can only use prefix lengths `/16` and `/24`. - `created_on: string` The timestamp of when the rule was created. - `description: string` An informative summary of the rule. - `modified_on: string` The timestamp of when the rule was last modified. - `paused: boolean` When true, indicates that the rule is currently paused. - `urls: Array` The URLs to include in the rule definition. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const lockdown = await client.firewall.lockdowns.update('372e67954025e0ba6aaa6d586b9e0b59', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', configurations: [{}], urls: ['shop.example.com/*'], }); console.log(lockdown.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b59", "configurations": [ { "target": "ip", "value": "198.51.100.4" } ], "created_on": "2014-01-01T05:20:00.12345Z", "description": "Restrict access to these endpoints to requests from a known IP address", "modified_on": "2014-01-01T05:20:00.12345Z", "paused": false, "urls": [ "api.mysite.com/some/endpoint*" ] }, "success": true } ``` ## Delete a Zone Lockdown rule `client.firewall.lockdowns.delete(stringlockDownsId, LockdownDeleteParamsparams, RequestOptionsoptions?): LockdownDeleteResponse` **delete** `/zones/{zone_id}/firewall/lockdowns/{lock_downs_id}` Deletes an existing Zone Lockdown rule. ### Parameters - `lockDownsId: string` The unique identifier of the Zone Lockdown rule. - `params: LockdownDeleteParams` - `zone_id: string` Defines an identifier. ### Returns - `LockdownDeleteResponse` - `id?: string` The unique identifier of the Zone Lockdown rule. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const lockdown = await client.firewall.lockdowns.delete('372e67954025e0ba6aaa6d586b9e0b59', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(lockdown.id); ``` #### Response ```json { "result": { "id": "372e67954025e0ba6aaa6d586b9e0b59" } } ``` ## Domain Types ### Configuration - `Configuration = Array` A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of `ip` or `ip_range` configurations. - `LockdownIPConfiguration` - `target?: "ip"` The configuration target. You must set the target to `ip` when specifying an IP address in the Zone Lockdown rule. - `"ip"` - `value?: string` The IP address to match. This address will be compared to the IP address of incoming requests. - `LockdownCIDRConfiguration` - `target?: "ip_range"` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the Zone Lockdown rule. - `"ip_range"` - `value?: string` The IP address range to match. You can only use prefix lengths `/16` and `/24`. ### Lockdown - `Lockdown` - `id: string` The unique identifier of the Zone Lockdown rule. - `configurations: Configuration` A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of `ip` or `ip_range` configurations. - `LockdownIPConfiguration` - `target?: "ip"` The configuration target. You must set the target to `ip` when specifying an IP address in the Zone Lockdown rule. - `"ip"` - `value?: string` The IP address to match. This address will be compared to the IP address of incoming requests. - `LockdownCIDRConfiguration` - `target?: "ip_range"` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the Zone Lockdown rule. - `"ip_range"` - `value?: string` The IP address range to match. You can only use prefix lengths `/16` and `/24`. - `created_on: string` The timestamp of when the rule was created. - `description: string` An informative summary of the rule. - `modified_on: string` The timestamp of when the rule was last modified. - `paused: boolean` When true, indicates that the rule is currently paused. - `urls: Array` The URLs to include in the rule definition. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Lockdown CIDR Configuration - `LockdownCIDRConfiguration` - `target?: "ip_range"` The configuration target. You must set the target to `ip_range` when specifying an IP address range in the Zone Lockdown rule. - `"ip_range"` - `value?: string` The IP address range to match. You can only use prefix lengths `/16` and `/24`. ### Lockdown IP Configuration - `LockdownIPConfiguration` - `target?: "ip"` The configuration target. You must set the target to `ip` when specifying an IP address in the Zone Lockdown rule. - `"ip"` - `value?: string` The IP address to match. This address will be compared to the IP address of incoming requests. ### Lockdown URL - `LockdownURL = string` ### Lockdown Delete Response - `LockdownDeleteResponse` - `id?: string` The unique identifier of the Zone Lockdown rule.