# Rules ## List firewall rules `client.firewall.rules.list(RuleListParamsparams, RequestOptionsoptions?): V4PagePaginationArray` **get** `/zones/{zone_id}/firewall/rules` Fetches firewall rules in a zone. You can filter the results using several optional parameters. ### Parameters - `params: RuleListParams` - `zone_id: string` Path param: Defines an identifier. - `id?: string` Query param: The unique identifier of the firewall rule. - `action?: string` Query param: The action to search for. Must be an exact match. - `description?: string` Query param: A case-insensitive string to find in the description. - `page?: number` Query param: Page number of paginated results. - `paused?: boolean` Query param: When true, indicates that the firewall rule is currently paused. - `per_page?: number` Query param: Number of firewall rules per page. ### Returns - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const firewallRule of client.firewall.rules.list({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(firewallRule.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get a firewall rule `client.firewall.rules.get(stringruleId, RuleGetParamsparams, RequestOptionsoptions?): FirewallRule` **get** `/zones/{zone_id}/firewall/rules/{rule_id}` Fetches the details of a firewall rule. ### Parameters - `ruleId: string` The unique identifier of the firewall rule. - `params: RuleGetParams` - `zone_id: string` Defines an identifier. ### Returns - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const firewallRule = await client.firewall.rules.get('372e67954025e0ba6aaa6d586b9e0b60', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(firewallRule.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" }, "success": true } ``` ## Create firewall rules `client.firewall.rules.create(RuleCreateParamsparams, RequestOptionsoptions?): SinglePage` **post** `/zones/{zone_id}/firewall/rules` Create one or more firewall rules. ### Parameters - `params: RuleCreateParams` - `zone_id: string` Path param: Defines an identifier. - `action: Action` Body param: The action to perform when the threshold of matched traffic within the configured period is exceeded. - `mode?: "simulate" | "ban" | "challenge" | 2 more` The action to perform. - `"simulate"` - `"ban"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `response?: Response` A custom content type and reponse to return when the threshold is exceeded. The custom response configured in this object will override the custom error for the zone. This object is optional. Notes: If you omit this object, Cloudflare will use the default HTML error page. If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone challenge pages and you should not provide the "response" object. - `body?: string` The response body to return. The value must conform to the configured content type. - `content_type?: string` The content type of the body. Must be one of the following: `text/plain`, `text/xml`, or `application/json`. - `timeout?: number` The time in seconds during which Cloudflare will perform the mitigation action. Must be an integer value greater than or equal to the period. Notes: If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone's Challenge Passage time and you should not provide this value. - `filter: FirewallFilter` Body param - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. ### Returns - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const firewallRule of client.firewall.rules.create({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', action: {}, filter: {}, })) { console.log(firewallRule.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Update a firewall rule `client.firewall.rules.update(stringruleId, RuleUpdateParamsparams, RequestOptionsoptions?): FirewallRule` **put** `/zones/{zone_id}/firewall/rules/{rule_id}` Updates an existing firewall rule. ### Parameters - `ruleId: string` The unique identifier of the firewall rule. - `params: RuleUpdateParams` - `zone_id: string` Path param: Defines an identifier. - `action: Action` Body param: The action to perform when the threshold of matched traffic within the configured period is exceeded. - `mode?: "simulate" | "ban" | "challenge" | 2 more` The action to perform. - `"simulate"` - `"ban"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `response?: Response` A custom content type and reponse to return when the threshold is exceeded. The custom response configured in this object will override the custom error for the zone. This object is optional. Notes: If you omit this object, Cloudflare will use the default HTML error page. If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone challenge pages and you should not provide the "response" object. - `body?: string` The response body to return. The value must conform to the configured content type. - `content_type?: string` The content type of the body. Must be one of the following: `text/plain`, `text/xml`, or `application/json`. - `timeout?: number` The time in seconds during which Cloudflare will perform the mitigation action. Must be an integer value greater than or equal to the period. Notes: If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone's Challenge Passage time and you should not provide this value. - `filter: FirewallFilter` Body param - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. ### Returns - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const firewallRule = await client.firewall.rules.update('372e67954025e0ba6aaa6d586b9e0b60', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', action: {}, filter: {}, }); console.log(firewallRule.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" }, "success": true } ``` ## Update priority of a firewall rule `client.firewall.rules.edit(stringruleId, RuleEditParamsparams, RequestOptionsoptions?): SinglePage` **patch** `/zones/{zone_id}/firewall/rules/{rule_id}` Updates the priority of an existing firewall rule. ### Parameters - `ruleId: string` The unique identifier of the firewall rule. - `params: RuleEditParams` - `zone_id: string` Defines an identifier. ### Returns - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const firewallRule of client.firewall.rules.edit('372e67954025e0ba6aaa6d586b9e0b60', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(firewallRule.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Delete a firewall rule `client.firewall.rules.delete(stringruleId, RuleDeleteParamsparams, RequestOptionsoptions?): FirewallRule` **delete** `/zones/{zone_id}/firewall/rules/{rule_id}` Deletes an existing firewall rule. ### Parameters - `ruleId: string` The unique identifier of the firewall rule. - `params: RuleDeleteParams` - `zone_id: string` Defines an identifier. ### Returns - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const firewallRule = await client.firewall.rules.delete('372e67954025e0ba6aaa6d586b9e0b60', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(firewallRule.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" }, "success": true } ``` ## Update firewall rules `client.firewall.rules.bulkUpdate(RuleBulkUpdateParamsparams, RequestOptionsoptions?): SinglePage` **put** `/zones/{zone_id}/firewall/rules` Updates one or more existing firewall rules. ### Parameters - `params: RuleBulkUpdateParams` - `zone_id: string` Path param: Defines an identifier. - `body: unknown` Body param ### Returns - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const firewallRule of client.firewall.rules.bulkUpdate({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', body: {}, })) { console.log(firewallRule.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Update priority of firewall rules `client.firewall.rules.bulkEdit(RuleBulkEditParamsparams, RequestOptionsoptions?): SinglePage` **patch** `/zones/{zone_id}/firewall/rules` Updates the priority of existing firewall rules. ### Parameters - `params: RuleBulkEditParams` - `zone_id: string` Path param: Defines an identifier. - `body: unknown` Body param ### Returns - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const firewallRule of client.firewall.rules.bulkEdit({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', body: {}, })) { console.log(firewallRule.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Delete firewall rules `client.firewall.rules.bulkDelete(RuleBulkDeleteParamsparams, RequestOptionsoptions?): SinglePage` **delete** `/zones/{zone_id}/firewall/rules` Deletes existing firewall rules. ### Parameters - `params: RuleBulkDeleteParams` - `zone_id: string` Defines an identifier. ### Returns - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const firewallRule of client.firewall.rules.bulkDelete({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(firewallRule.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Domain Types ### Deleted Filter - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. ### Firewall Rule - `FirewallRule` - `id?: string` The unique identifier of the firewall rule. - `action?: Action` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description?: string` An informative summary of the firewall rule. - `filter?: FirewallFilter | DeletedFilter` - `FirewallFilter` - `id?: string` The unique identifier of the filter. - `description?: string` An informative summary of the filter. - `expression?: string` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused?: boolean` When true, indicates that the filter is currently paused. - `ref?: string` A short reference tag. Allows you to select related filters. - `DeletedFilter` - `id: string` The unique identifier of the filter. - `deleted: boolean` When true, indicates that the firewall rule was deleted. - `paused?: boolean` When true, indicates that the firewall rule is currently paused. - `priority?: number` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products?: Array` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref?: string` A short reference tag. Allows you to select related firewall rules. ### Product - `Product = "zoneLockdown" | "uaBlock" | "bic" | 4 more` A list of products to bypass for a request when using the `bypass` action. - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"`