# Rules ## List firewall rules `firewall.rules.list(RuleListParams**kwargs) -> SyncV4PagePaginationArray[FirewallRule]` **get** `/zones/{zone_id}/firewall/rules` Fetches firewall rules in a zone. You can filter the results using several optional parameters. ### Parameters - `zone_id: str` Defines an identifier. - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[str]` The action to search for. Must be an exact match. - `description: Optional[str]` A case-insensitive string to find in the description. - `page: Optional[float]` Page number of paginated results. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `per_page: Optional[float]` Number of firewall rules per page. ### Returns - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.rules.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get a firewall rule `firewall.rules.get(strrule_id, RuleGetParams**kwargs) -> FirewallRule` **get** `/zones/{zone_id}/firewall/rules/{rule_id}` Fetches the details of a firewall rule. ### Parameters - `zone_id: str` Defines an identifier. - `rule_id: str` The unique identifier of the firewall rule. ### Returns - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) firewall_rule = client.firewall.rules.get( rule_id="372e67954025e0ba6aaa6d586b9e0b60", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(firewall_rule.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" }, "success": true } ``` ## Create firewall rules `firewall.rules.create(RuleCreateParams**kwargs) -> SyncSinglePage[FirewallRule]` **post** `/zones/{zone_id}/firewall/rules` Create one or more firewall rules. ### Parameters - `zone_id: str` Defines an identifier. - `action: Action` The action to perform when the threshold of matched traffic within the configured period is exceeded. - `mode: Optional[Literal["simulate", "ban", "challenge", 2 more]]` The action to perform. - `"simulate"` - `"ban"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `response: Optional[ActionResponse]` A custom content type and reponse to return when the threshold is exceeded. The custom response configured in this object will override the custom error for the zone. This object is optional. Notes: If you omit this object, Cloudflare will use the default HTML error page. If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone challenge pages and you should not provide the "response" object. - `body: Optional[str]` The response body to return. The value must conform to the configured content type. - `content_type: Optional[str]` The content type of the body. Must be one of the following: `text/plain`, `text/xml`, or `application/json`. - `timeout: Optional[float]` The time in seconds during which Cloudflare will perform the mitigation action. Must be an integer value greater than or equal to the period. Notes: If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone's Challenge Passage time and you should not provide this value. - `filter: FirewallFilterParam` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. ### Returns - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.rules.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", action={}, filter={}, ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Update a firewall rule `firewall.rules.update(strrule_id, RuleUpdateParams**kwargs) -> FirewallRule` **put** `/zones/{zone_id}/firewall/rules/{rule_id}` Updates an existing firewall rule. ### Parameters - `zone_id: str` Defines an identifier. - `rule_id: str` The unique identifier of the firewall rule. - `action: Action` The action to perform when the threshold of matched traffic within the configured period is exceeded. - `mode: Optional[Literal["simulate", "ban", "challenge", 2 more]]` The action to perform. - `"simulate"` - `"ban"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `response: Optional[ActionResponse]` A custom content type and reponse to return when the threshold is exceeded. The custom response configured in this object will override the custom error for the zone. This object is optional. Notes: If you omit this object, Cloudflare will use the default HTML error page. If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone challenge pages and you should not provide the "response" object. - `body: Optional[str]` The response body to return. The value must conform to the configured content type. - `content_type: Optional[str]` The content type of the body. Must be one of the following: `text/plain`, `text/xml`, or `application/json`. - `timeout: Optional[float]` The time in seconds during which Cloudflare will perform the mitigation action. Must be an integer value greater than or equal to the period. Notes: If "mode" is "challenge", "managed_challenge", or "js_challenge", Cloudflare will use the zone's Challenge Passage time and you should not provide this value. - `filter: FirewallFilterParam` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. ### Returns - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) firewall_rule = client.firewall.rules.update( rule_id="372e67954025e0ba6aaa6d586b9e0b60", zone_id="023e105f4ecef8ad9ca31a8372d0c353", action={}, filter={}, ) print(firewall_rule.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" }, "success": true } ``` ## Update priority of a firewall rule `firewall.rules.edit(strrule_id, RuleEditParams**kwargs) -> SyncSinglePage[FirewallRule]` **patch** `/zones/{zone_id}/firewall/rules/{rule_id}` Updates the priority of an existing firewall rule. ### Parameters - `zone_id: str` Defines an identifier. - `rule_id: str` The unique identifier of the firewall rule. ### Returns - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.rules.edit( rule_id="372e67954025e0ba6aaa6d586b9e0b60", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Delete a firewall rule `firewall.rules.delete(strrule_id, RuleDeleteParams**kwargs) -> FirewallRule` **delete** `/zones/{zone_id}/firewall/rules/{rule_id}` Deletes an existing firewall rule. ### Parameters - `zone_id: str` Defines an identifier. - `rule_id: str` The unique identifier of the firewall rule. ### Returns - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) firewall_rule = client.firewall.rules.delete( rule_id="372e67954025e0ba6aaa6d586b9e0b60", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(firewall_rule.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" }, "success": true } ``` ## Update firewall rules `firewall.rules.bulk_update(RuleBulkUpdateParams**kwargs) -> SyncSinglePage[FirewallRule]` **put** `/zones/{zone_id}/firewall/rules` Updates one or more existing firewall rules. ### Parameters - `zone_id: str` Defines an identifier. - `body: object` ### Returns - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.rules.bulk_update( zone_id="023e105f4ecef8ad9ca31a8372d0c353", body={}, ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Update priority of firewall rules `firewall.rules.bulk_edit(RuleBulkEditParams**kwargs) -> SyncSinglePage[FirewallRule]` **patch** `/zones/{zone_id}/firewall/rules` Updates the priority of existing firewall rules. ### Parameters - `zone_id: str` Defines an identifier. - `body: object` ### Returns - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.rules.bulk_edit( zone_id="023e105f4ecef8ad9ca31a8372d0c353", body={}, ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Delete firewall rules `firewall.rules.bulk_delete(RuleBulkDeleteParams**kwargs) -> SyncSinglePage[FirewallRule]` **delete** `/zones/{zone_id}/firewall/rules` Deletes existing firewall rules. ### Parameters - `zone_id: str` Defines an identifier. ### Returns - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.rules.bulk_delete( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "372e67954025e0ba6aaa6d586b9e0b60", "action": "block", "description": "Blocks traffic identified during investigation for MIR-31", "filter": { "id": "372e67954025e0ba6aaa6d586b9e0b61", "description": "Restrict access from these browsers on this address range.", "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155", "paused": false, "ref": "FIL-100" }, "paused": false, "priority": 50, "products": [ "waf" ], "ref": "MIR-31" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Domain Types ### Deleted Filter - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. ### Firewall Rule - `class FirewallRule: …` - `id: Optional[str]` The unique identifier of the firewall rule. - `action: Optional[Action]` The action to apply to a matched request. The `log` action is only available on an Enterprise plan. - `"block"` - `"challenge"` - `"js_challenge"` - `"managed_challenge"` - `"allow"` - `"log"` - `"bypass"` - `description: Optional[str]` An informative summary of the firewall rule. - `filter: Optional[Filter]` - `class FirewallFilter: …` - `id: Optional[str]` The unique identifier of the filter. - `description: Optional[str]` An informative summary of the filter. - `expression: Optional[str]` The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/). - `paused: Optional[bool]` When true, indicates that the filter is currently paused. - `ref: Optional[str]` A short reference tag. Allows you to select related filters. - `class DeletedFilter: …` - `id: str` The unique identifier of the filter. - `deleted: bool` When true, indicates that the firewall rule was deleted. - `paused: Optional[bool]` When true, indicates that the firewall rule is currently paused. - `priority: Optional[float]` The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority. - `products: Optional[List[Product]]` - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"` - `ref: Optional[str]` A short reference tag. Allows you to select related firewall rules. ### Product - `Literal["zoneLockdown", "uaBlock", "bic", 4 more]` A list of products to bypass for a request when using the `bypass` action. - `"zoneLockdown"` - `"uaBlock"` - `"bic"` - `"hot"` - `"securityLevel"` - `"rateLimit"` - `"waf"`