List WAF packages

Deprecated
GET /zones/{zone_id}/firewall/waf/packages

Fetches WAF packages for a zone.

Note: Applies only to the previous version of WAF managed rules.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example: Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example: X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example: X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Firewall Services Write
Firewall Services Read
Path Parameters
zone_id: string

Defines an identifier.

maxLength: 32
Query Parameters
direction: optional "asc" or "desc"

The direction used to sort returned packages.

One of the following:
"asc"
"desc"
match: optional "any" or "all"

When set to all, all the search requirements must match. When set to any, only one of the search requirements has to match.

One of the following:
"any"
"all"
name: optional string

The name of the WAF package.

order: optional "name"

The field used to sort returned packages.

page: optional number

The page number of paginated results.

minimum: 1
per_page: optional number

The number of packages per page.

maximum: 100
minimum: 5
Returns
FirewallAPIResponseCollection = object { errors, messages, result, 2 more }
errors: array of ResponseInfo { code, message, documentation_url, source }
code: number
minimum: 1000
message: string
documentation_url: optional string
source: optional object { pointer }
pointer: optional string
messages: array of ResponseInfo { code, message, documentation_url, source }
code: number
minimum: 1000
message: string
documentation_url: optional string
source: optional object { pointer }
pointer: optional string
result: array of unknown
success: true

Defines whether the API call was successful.

result_info: optional object { count, page, per_page, total_count }
count: optional number

Defines the total number of results for the requested service.

page: optional number

Defines the current page within the paginated list of results.

per_page: optional number

Defines the number of results per page of results.

total_count: optional number

Defines the total results available without any search parameters.

Result = object { result }
result: optional array of object { id, description, detection_mode, 3 more } or object { id, description, detection_mode, 5 more }
One of the following:
FirewallPackageDefinition = object { id, description, detection_mode, 3 more }
id: string

Defines an identifier.

maxLength: 32
description: string

A summary of the purpose/function of the WAF package.

detection_mode: "anomaly" or "traditional"

The mode that defines how rules within the package are evaluated during the course of a request. When a package uses anomaly detection mode (anomaly value), each rule is given a score when triggered. If the total score of all triggered rules exceeds the sensitivity defined in the WAF package, the action configured in the package will be performed. In traditional detection mode (traditional value), each rule decides the action to take when the request triggers it. If multiple rules are triggered, the action providing the highest protection will be applied (for example, a 'block' action will win over a 'challenge' action).

One of the following:
"anomaly"
"traditional"
name: string

The name of the WAF package.

zone_id: string

Defines an identifier.

maxLength: 32
status: optional "active"

When set to active, indicates that the WAF package will be applied to the zone.

FirewallAnomalyPackage = object { id, description, detection_mode, 5 more }
id: string

Defines an identifier.

maxLength: 32
description: string

A summary of the purpose/function of the WAF package.

detection_mode: "anomaly" or "traditional"

When a WAF package uses anomaly detection, each rule is given a score when triggered. If the total score of all triggered rules exceeds the sensitivity defined on the WAF package, the action defined on the package will be taken.

One of the following:
"anomaly"
"traditional"
name: string

The name of the WAF package.

zone_id: string

Defines an identifier.

maxLength: 32
action_mode: optional "simulate" or "block" or "challenge"

The default action performed by the rules in the WAF package.

One of the following:
"simulate"
"block"
"challenge"
sensitivity: optional "high" or "medium" or "low" or "off"

The sensitivity of the WAF package.

One of the following:
"high"
"medium"
"low"
"off"
status: optional "active"

When set to active, indicates that the WAF package will be applied to the zone.

List WAF packages

curl https://api.cloudflare.com/client/v4/zones/$ZONE_ID/firewall/waf/packages \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
Returns Examples
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {}
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000
  }
}
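
An added example (not part of the Cloudflare documentation): a Python audit that pages through this endpoint with the `page` and `per_page` parameters and flags packages by the documented `status`, `sensitivity` and `action_mode` fields. The finding policy, the helper names and the `SAMPLE` body are assumptions constructed for illustration.

```python
import json
import urllib.parse
import urllib.request

API = "https://api.cloudflare.com/client/v4"

def fetch_page(zone_id, token, page, per_page):
    """GET one page of the zone's WAF packages, authenticating with an API token."""
    query = urllib.parse.urlencode({"page": page, "per_page": per_page})
    url = f"{API}/zones/{zone_id}/firewall/waf/packages?{query}"
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def list_packages(get_page, per_page=100):
    """Walk page=1,2,... until a short page; get_page(page, per_page) returns a body."""
    packages, page = [], 1
    while True:
        body = get_page(page, per_page)
        if body.get("success") is not True:
            raise RuntimeError(f"API call failed: {body.get('errors')}")
        batch = body.get("result") or []
        packages.extend(batch)
        if len(batch) < per_page:  # fewer results than requested: last page
            return packages
        page += 1

def audit(packages):
    """Return (name, finding) pairs. The policy below is this example's assumption."""
    findings = []
    for pkg in packages:
        name = pkg.get("name") or pkg.get("id")
        if pkg.get("status") != "active":
            findings.append((name, "status is not active"))
        if pkg.get("detection_mode") == "anomaly":
            if pkg.get("sensitivity") == "off":
                findings.append((name, "sensitivity is off"))
            if pkg.get("action_mode") == "simulate":
                findings.append((name, "action_mode is simulate"))
    return findings

# Constructed sample body (not real API output), shaped like the documented response.
SAMPLE = {"success": True, "errors": [], "messages": [], "result": [
    {"id": "a" * 32, "name": "pkg-traditional", "detection_mode": "traditional", "status": "active"},
    {"id": "b" * 32, "name": "pkg-anomaly", "detection_mode": "anomaly", "status": "active",
     "sensitivity": "off", "action_mode": "simulate"},
    {"id": "c" * 32, "name": "pkg-inactive", "detection_mode": "traditional"}]}

if __name__ == "__main__":
    for name, finding in audit(list_packages(lambda page, per_page: SAMPLE)):
        print(f"{name}: {finding}")
```

Against a live zone, pass `lambda page, per_page: fetch_page(zone_id, token, page, per_page)` as `get_page`, using a token that has the Firewall Services Read permission.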