# WAF # Overrides ## List WAF overrides `firewall.waf.overrides.list(OverrideListParams**kwargs) -> SyncV4PagePaginationArray[Override]` **get** `/zones/{zone_id}/firewall/waf/overrides` Fetches the URI-based WAF overrides in a zone. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier. - `page: Optional[float]` The page number of paginated results. - `per_page: Optional[float]` The number of WAF overrides per page. ### Returns - `class Override: …` - `id: Optional[str]` The unique identifier of the WAF override. - `description: Optional[str]` An informative summary of the current URI-based WAF override. - `groups: Optional[Dict[str, object]]` An object that allows you to enable or disable WAF rule groups for the current WAF override. Each key of this object must be the ID of a WAF rule group, and each value must be a valid WAF action (usually `default` or `disable`). When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `paused: Optional[bool]` When true, indicates that the rule is currently paused. - `priority: Optional[float]` The relative priority of the current URI-based WAF override when multiple overrides match a single URL. A lower number indicates higher priority. Higher priority overrides may overwrite values set by lower priority overrides. - `rewrite_action: Optional[RewriteAction]` Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object. - `block: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `challenge: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `default: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `disable: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `simulate: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `rules: Optional[WAFRule]` An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `urls: Optional[List[OverrideURL]]` The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.waf.overrides.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "de677e5818985db1285d0e80225f06e5", "description": "Enable Cloudflare Magento ruleset for shop.example.com", "groups": { "ea8687e59929c1fd05ba97574ad43f77": "bar" }, "paused": true, "priority": 1, "rewrite_action": { "block": "challenge", "challenge": "challenge", "default": "challenge", "disable": "challenge", "simulate": "challenge" }, "rules": { "100015": "disable" }, "urls": [ "shop.example.com/*" ] } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get a WAF override `firewall.waf.overrides.get(stroverrides_id, OverrideGetParams**kwargs) -> Override` **get** `/zones/{zone_id}/firewall/waf/overrides/{overrides_id}` Fetches the details of a URI-based WAF override. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier. - `overrides_id: str` The unique identifier of the WAF override. ### Returns - `class Override: …` - `id: Optional[str]` The unique identifier of the WAF override. - `description: Optional[str]` An informative summary of the current URI-based WAF override. - `groups: Optional[Dict[str, object]]` An object that allows you to enable or disable WAF rule groups for the current WAF override. Each key of this object must be the ID of a WAF rule group, and each value must be a valid WAF action (usually `default` or `disable`). When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `paused: Optional[bool]` When true, indicates that the rule is currently paused. - `priority: Optional[float]` The relative priority of the current URI-based WAF override when multiple overrides match a single URL. A lower number indicates higher priority. Higher priority overrides may overwrite values set by lower priority overrides. - `rewrite_action: Optional[RewriteAction]` Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object. - `block: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `challenge: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `default: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `disable: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `simulate: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `rules: Optional[WAFRule]` An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `urls: Optional[List[OverrideURL]]` The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) override = client.firewall.waf.overrides.get( overrides_id="de677e5818985db1285d0e80225f06e5", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(override.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "de677e5818985db1285d0e80225f06e5", "description": "Enable Cloudflare Magento ruleset for shop.example.com", "groups": { "ea8687e59929c1fd05ba97574ad43f77": "bar" }, "paused": true, "priority": 1, "rewrite_action": { "block": "challenge", "challenge": "challenge", "default": "challenge", "disable": "challenge", "simulate": "challenge" }, "rules": { "100015": "disable" }, "urls": [ "shop.example.com/*" ] }, "success": true } ``` ## Create a WAF override `firewall.waf.overrides.create(OverrideCreateParams**kwargs) -> Override` **post** `/zones/{zone_id}/firewall/waf/overrides` Creates a URI-based WAF override for a zone. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier. - `urls: SequenceNotStr[OverrideURL]` The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Returns - `class Override: …` - `id: Optional[str]` The unique identifier of the WAF override. - `description: Optional[str]` An informative summary of the current URI-based WAF override. - `groups: Optional[Dict[str, object]]` An object that allows you to enable or disable WAF rule groups for the current WAF override. Each key of this object must be the ID of a WAF rule group, and each value must be a valid WAF action (usually `default` or `disable`). When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `paused: Optional[bool]` When true, indicates that the rule is currently paused. - `priority: Optional[float]` The relative priority of the current URI-based WAF override when multiple overrides match a single URL. A lower number indicates higher priority. Higher priority overrides may overwrite values set by lower priority overrides. - `rewrite_action: Optional[RewriteAction]` Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object. - `block: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `challenge: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `default: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `disable: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `simulate: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `rules: Optional[WAFRule]` An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `urls: Optional[List[OverrideURL]]` The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) override = client.firewall.waf.overrides.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", urls=["shop.example.com/*"], ) print(override.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "de677e5818985db1285d0e80225f06e5", "description": "Enable Cloudflare Magento ruleset for shop.example.com", "groups": { "ea8687e59929c1fd05ba97574ad43f77": "bar" }, "paused": true, "priority": 1, "rewrite_action": { "block": "challenge", "challenge": "challenge", "default": "challenge", "disable": "challenge", "simulate": "challenge" }, "rules": { "100015": "disable" }, "urls": [ "shop.example.com/*" ] }, "success": true } ``` ## Update WAF override `firewall.waf.overrides.update(stroverrides_id, OverrideUpdateParams**kwargs) -> Override` **put** `/zones/{zone_id}/firewall/waf/overrides/{overrides_id}` Updates an existing URI-based WAF override. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier. - `overrides_id: str` The unique identifier of the WAF override. - `id: str` Defines an identifier. - `rewrite_action: RewriteActionParam` Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object. - `block: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `challenge: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `default: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `disable: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `simulate: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `rules: WAFRuleParam` An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `urls: SequenceNotStr[OverrideURL]` The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Returns - `class Override: …` - `id: Optional[str]` The unique identifier of the WAF override. - `description: Optional[str]` An informative summary of the current URI-based WAF override. - `groups: Optional[Dict[str, object]]` An object that allows you to enable or disable WAF rule groups for the current WAF override. Each key of this object must be the ID of a WAF rule group, and each value must be a valid WAF action (usually `default` or `disable`). When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `paused: Optional[bool]` When true, indicates that the rule is currently paused. - `priority: Optional[float]` The relative priority of the current URI-based WAF override when multiple overrides match a single URL. A lower number indicates higher priority. Higher priority overrides may overwrite values set by lower priority overrides. - `rewrite_action: Optional[RewriteAction]` Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object. - `block: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `challenge: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `default: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `disable: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `simulate: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `rules: Optional[WAFRule]` An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `urls: Optional[List[OverrideURL]]` The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) override = client.firewall.waf.overrides.update( overrides_id="de677e5818985db1285d0e80225f06e5", zone_id="023e105f4ecef8ad9ca31a8372d0c353", id="023e105f4ecef8ad9ca31a8372d0c353", rewrite_action={}, rules={ "100015": "disable" }, urls=["shop.example.com/*"], ) print(override.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "de677e5818985db1285d0e80225f06e5", "description": "Enable Cloudflare Magento ruleset for shop.example.com", "groups": { "ea8687e59929c1fd05ba97574ad43f77": "bar" }, "paused": true, "priority": 1, "rewrite_action": { "block": "challenge", "challenge": "challenge", "default": "challenge", "disable": "challenge", "simulate": "challenge" }, "rules": { "100015": "disable" }, "urls": [ "shop.example.com/*" ] }, "success": true } ``` ## Delete a WAF override `firewall.waf.overrides.delete(stroverrides_id, OverrideDeleteParams**kwargs) -> OverrideDeleteResponse` **delete** `/zones/{zone_id}/firewall/waf/overrides/{overrides_id}` Deletes an existing URI-based WAF override. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier. - `overrides_id: str` The unique identifier of the WAF override. ### Returns - `class OverrideDeleteResponse: …` - `id: Optional[str]` The unique identifier of the WAF override. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) override = client.firewall.waf.overrides.delete( overrides_id="de677e5818985db1285d0e80225f06e5", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(override.id) ``` #### Response ```json { "result": { "id": "de677e5818985db1285d0e80225f06e5" } } ``` ## Domain Types ### Override - `class Override: …` - `id: Optional[str]` The unique identifier of the WAF override. - `description: Optional[str]` An informative summary of the current URI-based WAF override. - `groups: Optional[Dict[str, object]]` An object that allows you to enable or disable WAF rule groups for the current WAF override. Each key of this object must be the ID of a WAF rule group, and each value must be a valid WAF action (usually `default` or `disable`). When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `paused: Optional[bool]` When true, indicates that the rule is currently paused. - `priority: Optional[float]` The relative priority of the current URI-based WAF override when multiple overrides match a single URL. A lower number indicates higher priority. Higher priority overrides may overwrite values set by lower priority overrides. - `rewrite_action: Optional[RewriteAction]` Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object. - `block: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `challenge: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `default: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `disable: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `simulate: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `rules: Optional[WAFRule]` An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `urls: Optional[List[OverrideURL]]` The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. ### Override URL - `str` ### Rewrite Action - `class RewriteAction: …` Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object. - `block: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `challenge: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `default: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `disable: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` - `simulate: Optional[Literal["challenge", "block", "simulate", 2 more]]` The WAF rule action to apply. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` ### WAF Rule - `Dict[str, Literal["challenge", "block", "simulate", 2 more]]` An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. - `"challenge"` - `"block"` - `"simulate"` - `"disable"` - `"default"` ### Override Delete Response - `class OverrideDeleteResponse: …` - `id: Optional[str]` The unique identifier of the WAF override. # Packages ## List WAF packages `firewall.waf.packages.list(PackageListParams**kwargs) -> SyncV4PagePaginationArray[object]` **get** `/zones/{zone_id}/firewall/waf/packages` Fetches WAF packages for a zone. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier. - `direction: Optional[Literal["asc", "desc"]]` The direction used to sort returned packages. - `"asc"` - `"desc"` - `match: Optional[Literal["any", "all"]]` When set to `all`, all the search requirements must match. When set to `any`, only one of the search requirements has to match. - `"any"` - `"all"` - `name: Optional[str]` The name of the WAF package. - `order: Optional[Literal["name"]]` The field used to sort returned packages. - `"name"` - `page: Optional[float]` The page number of paginated results. - `per_page: Optional[float]` The number of packages per page. ### Returns - `object` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.waf.packages.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ {} ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get a WAF package `firewall.waf.packages.get(strpackage_id, PackageGetParams**kwargs) -> PackageGetResponse` **get** `/zones/{zone_id}/firewall/waf/packages/{package_id}` Fetches the details of a WAF package. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier. - `package_id: str` Defines a package identifier. ### Returns - `PackageGetResponse` - `class FirewallAPIResponseSingle: …` - `errors: List[ResponseInfo]` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[Source]` - `pointer: Optional[str]` - `messages: List[ResponseInfo]` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[Source]` - `result: Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` - `success: Literal[true]` Defines whether the API call was successful. - `true` - `class Result: …` - `result: Optional[object]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) package = client.firewall.waf.packages.get( package_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(package) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": {}, "success": true } ``` ## Domain Types ### Package Get Response - `PackageGetResponse` - `class FirewallAPIResponseSingle: …` - `errors: List[ResponseInfo]` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[Source]` - `pointer: Optional[str]` - `messages: List[ResponseInfo]` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[Source]` - `result: Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` - `success: Literal[true]` Defines whether the API call was successful. - `true` - `class Result: …` - `result: Optional[object]` # Groups ## List WAF rule groups `firewall.waf.packages.groups.list(strpackage_id, GroupListParams**kwargs) -> SyncV4PagePaginationArray[Group]` **get** `/zones/{zone_id}/firewall/waf/packages/{package_id}/groups` Fetches the WAF rule groups in a WAF package. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier of a schema. - `package_id: str` Defines the unique identifier of a WAF package. - `direction: Optional[Literal["asc", "desc"]]` Defines the direction used to sort returned rule groups. - `"asc"` - `"desc"` - `match: Optional[Literal["any", "all"]]` Defines the condition for search requirements. When set to `all`, all the search requirements must match. When set to `any`, only one of the search requirements has to match. - `"any"` - `"all"` - `mode: Optional[Literal["on", "off"]]` Defines the state of the rules contained in the rule group. When `on`, the rules in the group are configurable/usable. - `"on"` - `"off"` - `name: Optional[str]` Defines the name of the rule group. - `order: Optional[Literal["mode", "rules_count"]]` Defines the field used to sort returned rule groups. - `"mode"` - `"rules_count"` - `page: Optional[float]` Defines the page number of paginated results. - `per_page: Optional[float]` Defines the number of rule groups per page. - `rules_count: Optional[float]` Defines the number of rules in the current rule group. ### Returns - `class Group: …` - `id: str` Defines the unique identifier of the rule group. - `description: Optional[str]` Defines an informative summary of what the rule group does. - `mode: Literal["on", "off"]` Defines the state of the rules contained in the rule group. When `on`, the rules in the group are configurable/usable. - `"on"` - `"off"` - `name: str` Defines the name of the rule group. - `rules_count: float` Defines the number of rules in the current rule group. - `allowed_modes: Optional[List[Literal["on", "off"]]]` Defines the available states for the rule group. - `"on"` - `"off"` - `modified_rules_count: Optional[float]` Defines the number of rules within the group that have been modified from their default configuration. - `package_id: Optional[str]` Defines the unique identifier of a WAF package. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.waf.packages.groups.list( package_id="a25a9a7e9c00afc1fb2e0245519d725b", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "de677e5818985db1285d0e80225f06e5", "description": "Group designed to protect against IP addresses that are a threat and typically used to launch DDoS attacks", "mode": "on", "name": "Project Honey Pot", "rules_count": 10, "allowed_modes": [ "on", "off" ], "modified_rules_count": 2, "package_id": "a25a9a7e9c00afc1fb2e0245519d725b" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get a WAF rule group `firewall.waf.packages.groups.get(strgroup_id, GroupGetParams**kwargs) -> GroupGetResponse` **get** `/zones/{zone_id}/firewall/waf/packages/{package_id}/groups/{group_id}` Fetches the details of a WAF rule group. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier of a schema. - `package_id: str` Defines the unique identifier of a WAF package. - `group_id: str` Defines the unique identifier of a WAF package. ### Returns - `Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) group = client.firewall.waf.packages.groups.get( group_id="a25a9a7e9c00afc1fb2e0245519d725b", zone_id="023e105f4ecef8ad9ca31a8372d0c353", package_id="a25a9a7e9c00afc1fb2e0245519d725b", ) print(group) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": {}, "success": true } ``` ## Update a WAF rule group `firewall.waf.packages.groups.edit(strgroup_id, GroupEditParams**kwargs) -> GroupEditResponse` **patch** `/zones/{zone_id}/firewall/waf/packages/{package_id}/groups/{group_id}` Updates a WAF rule group. You can update the state (`mode` parameter) of a rule group. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier of a schema. - `package_id: str` Defines the unique identifier of a WAF package. - `group_id: str` Defines the unique identifier of a WAF package. - `mode: Optional[Literal["on", "off"]]` Defines the state of the rules contained in the rule group. When `on`, the rules in the group are configurable/usable. - `"on"` - `"off"` ### Returns - `Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.firewall.waf.packages.groups.edit( group_id="a25a9a7e9c00afc1fb2e0245519d725b", zone_id="023e105f4ecef8ad9ca31a8372d0c353", package_id="a25a9a7e9c00afc1fb2e0245519d725b", ) print(response) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": {}, "success": true } ``` ## Domain Types ### Group - `class Group: …` - `id: str` Defines the unique identifier of the rule group. - `description: Optional[str]` Defines an informative summary of what the rule group does. - `mode: Literal["on", "off"]` Defines the state of the rules contained in the rule group. When `on`, the rules in the group are configurable/usable. - `"on"` - `"off"` - `name: str` Defines the name of the rule group. - `rules_count: float` Defines the number of rules in the current rule group. - `allowed_modes: Optional[List[Literal["on", "off"]]]` Defines the available states for the rule group. - `"on"` - `"off"` - `modified_rules_count: Optional[float]` Defines the number of rules within the group that have been modified from their default configuration. - `package_id: Optional[str]` Defines the unique identifier of a WAF package. ### Group Get Response - `Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` ### Group Edit Response - `Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` # Rules ## List WAF rules `firewall.waf.packages.rules.list(strpackage_id, RuleListParams**kwargs) -> SyncV4PagePaginationArray[RuleListResponse]` **get** `/zones/{zone_id}/firewall/waf/packages/{package_id}/rules` Fetches WAF rules in a WAF package. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier of a schema. - `package_id: str` Defines the unique identifier of a WAF package. - `description: Optional[str]` Defines the public description of the WAF rule. - `direction: Optional[Literal["asc", "desc"]]` Defines the direction used to sort returned rules. - `"asc"` - `"desc"` - `group_id: Optional[str]` Defines the unique identifier of the rule group. - `match: Optional[Literal["any", "all"]]` Defines the search requirements. When set to `all`, all the search requirements must match. When set to `any`, only one of the search requirements has to match. - `"any"` - `"all"` - `mode: Optional[Literal["DIS", "CHL", "BLK", "SIM"]]` Defines the action/mode a rule has been overridden to perform. - `"DIS"` - `"CHL"` - `"BLK"` - `"SIM"` - `order: Optional[Literal["priority", "group_id", "description"]]` Defines the field used to sort returned rules. - `"priority"` - `"group_id"` - `"description"` - `page: Optional[float]` Defines the page number of paginated results. - `per_page: Optional[float]` Defines the number of rules per page. - `priority: Optional[str]` Defines the order in which the individual WAF rule is executed within its rule group. ### Returns - `RuleListResponse` When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package. - `class WAFManagedRulesAnomalyRule: …` When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[AllowedModesAnomaly]` Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules. - `"on"` - `"off"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `id: Optional[str]` Defines the unique identifier of the rule group. - `name: Optional[str]` Defines the name of the rule group. - `mode: AllowedModesAnomaly` Defines the mode anomaly. When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules. - `"on"` - `"off"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. - `class WAFManagedRulesTraditionalDenyRule: …` When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A 'deny' rule will immediately respond to the request based on the configured rule action/mode (for example, 'block') and no other rules will be processed. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[Literal["default", "disable", "simulate", 2 more]]` Defines the list of possible actions of the WAF rule when it is triggered. - `"default"` - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `default_mode: Literal["disable", "simulate", "block", "challenge"]` Defines the default action/mode of a rule. - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `mode: Literal["default", "disable", "simulate", 2 more]` Defines the action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules. - `"default"` - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. - `class WAFManagedRulesTraditionalAllowRule: …` When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An 'allow' rule will immediately allow the request and no other rules will be processed. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[Literal["on", "off"]]` Defines the available modes for the current WAF rule. - `"on"` - `"off"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `mode: Literal["on", "off"]` When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules. - `"on"` - `"off"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.firewall.waf.packages.rules.list( package_id="a25a9a7e9c00afc1fb2e0245519d725b", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "f939de3be84e66e757adcdcb87908023", "allowed_modes": [ "on", "off" ], "description": "SQL injection prevention for SELECT statements", "group": { "id": "de677e5818985db1285d0e80225f06e5", "name": "Project Honey Pot" }, "mode": "on", "package_id": "a25a9a7e9c00afc1fb2e0245519d725b", "priority": "priority" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get a WAF rule `firewall.waf.packages.rules.get(strrule_id, RuleGetParams**kwargs) -> RuleGetResponse` **get** `/zones/{zone_id}/firewall/waf/packages/{package_id}/rules/{rule_id}` Fetches the details of a WAF rule in a WAF package. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier of a schema. - `package_id: str` Defines the unique identifier of a WAF package. - `rule_id: str` Defines the unique identifier of a WAF package. ### Returns - `Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) rule = client.firewall.waf.packages.rules.get( rule_id="a25a9a7e9c00afc1fb2e0245519d725b", zone_id="023e105f4ecef8ad9ca31a8372d0c353", package_id="a25a9a7e9c00afc1fb2e0245519d725b", ) print(rule) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": {}, "success": true } ``` ## Update a WAF rule `firewall.waf.packages.rules.edit(strrule_id, RuleEditParams**kwargs) -> RuleEditResponse` **patch** `/zones/{zone_id}/firewall/waf/packages/{package_id}/rules/{rule_id}` Updates a WAF rule. You can only update the mode/action of the rule. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/). ### Parameters - `zone_id: str` Defines an identifier of a schema. - `package_id: str` Defines the unique identifier of a WAF package. - `rule_id: str` Defines the unique identifier of a WAF package. - `mode: Optional[Literal["default", "disable", "simulate", 4 more]]` Defines the mode/action of the rule when triggered. You must use a value from the `allowed_modes` array of the current rule. - `"default"` - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `"on"` - `"off"` ### Returns - `RuleEditResponse` When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package. - `class WAFManagedRulesAnomalyRule: …` When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[AllowedModesAnomaly]` Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules. - `"on"` - `"off"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `id: Optional[str]` Defines the unique identifier of the rule group. - `name: Optional[str]` Defines the name of the rule group. - `mode: AllowedModesAnomaly` Defines the mode anomaly. When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules. - `"on"` - `"off"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. - `class WAFManagedRulesTraditionalDenyRule: …` When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A 'deny' rule will immediately respond to the request based on the configured rule action/mode (for example, 'block') and no other rules will be processed. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[Literal["default", "disable", "simulate", 2 more]]` Defines the list of possible actions of the WAF rule when it is triggered. - `"default"` - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `default_mode: Literal["disable", "simulate", "block", "challenge"]` Defines the default action/mode of a rule. - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `mode: Literal["default", "disable", "simulate", 2 more]` Defines the action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules. - `"default"` - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. - `class WAFManagedRulesTraditionalAllowRule: …` When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An 'allow' rule will immediately allow the request and no other rules will be processed. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[Literal["on", "off"]]` Defines the available modes for the current WAF rule. - `"on"` - `"off"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `mode: Literal["on", "off"]` When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules. - `"on"` - `"off"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.firewall.waf.packages.rules.edit( rule_id="a25a9a7e9c00afc1fb2e0245519d725b", zone_id="023e105f4ecef8ad9ca31a8372d0c353", package_id="a25a9a7e9c00afc1fb2e0245519d725b", ) print(response) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "f939de3be84e66e757adcdcb87908023", "allowed_modes": [ "on", "off" ], "description": "SQL injection prevention for SELECT statements", "group": { "id": "de677e5818985db1285d0e80225f06e5", "name": "Project Honey Pot" }, "mode": "on", "package_id": "a25a9a7e9c00afc1fb2e0245519d725b", "priority": "priority" }, "success": true } ``` ## Domain Types ### Allowed Modes Anomaly - `Literal["on", "off"]` Defines the mode anomaly. When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules. - `"on"` - `"off"` ### WAF Rule Group - `class WAFRuleGroup: …` Defines the rule group to which the current WAF rule belongs. - `id: Optional[str]` Defines the unique identifier of the rule group. - `name: Optional[str]` Defines the name of the rule group. ### Rule List Response - `RuleListResponse` When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package. - `class WAFManagedRulesAnomalyRule: …` When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[AllowedModesAnomaly]` Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules. - `"on"` - `"off"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `id: Optional[str]` Defines the unique identifier of the rule group. - `name: Optional[str]` Defines the name of the rule group. - `mode: AllowedModesAnomaly` Defines the mode anomaly. When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules. - `"on"` - `"off"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. - `class WAFManagedRulesTraditionalDenyRule: …` When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A 'deny' rule will immediately respond to the request based on the configured rule action/mode (for example, 'block') and no other rules will be processed. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[Literal["default", "disable", "simulate", 2 more]]` Defines the list of possible actions of the WAF rule when it is triggered. - `"default"` - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `default_mode: Literal["disable", "simulate", "block", "challenge"]` Defines the default action/mode of a rule. - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `mode: Literal["default", "disable", "simulate", 2 more]` Defines the action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules. - `"default"` - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. - `class WAFManagedRulesTraditionalAllowRule: …` When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An 'allow' rule will immediately allow the request and no other rules will be processed. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[Literal["on", "off"]]` Defines the available modes for the current WAF rule. - `"on"` - `"off"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `mode: Literal["on", "off"]` When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules. - `"on"` - `"off"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. ### Rule Get Response - `Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` ### Rule Edit Response - `RuleEditResponse` When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package. - `class WAFManagedRulesAnomalyRule: …` When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[AllowedModesAnomaly]` Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules. - `"on"` - `"off"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `id: Optional[str]` Defines the unique identifier of the rule group. - `name: Optional[str]` Defines the name of the rule group. - `mode: AllowedModesAnomaly` Defines the mode anomaly. When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules. - `"on"` - `"off"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. - `class WAFManagedRulesTraditionalDenyRule: …` When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A 'deny' rule will immediately respond to the request based on the configured rule action/mode (for example, 'block') and no other rules will be processed. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[Literal["default", "disable", "simulate", 2 more]]` Defines the list of possible actions of the WAF rule when it is triggered. - `"default"` - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `default_mode: Literal["disable", "simulate", "block", "challenge"]` Defines the default action/mode of a rule. - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `mode: Literal["default", "disable", "simulate", 2 more]` Defines the action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules. - `"default"` - `"disable"` - `"simulate"` - `"block"` - `"challenge"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group. - `class WAFManagedRulesTraditionalAllowRule: …` When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An 'allow' rule will immediately allow the request and no other rules will be processed. - `id: str` Defines the unique identifier of the WAF rule. - `allowed_modes: List[Literal["on", "off"]]` Defines the available modes for the current WAF rule. - `"on"` - `"off"` - `description: str` Defines the public description of the WAF rule. - `group: WAFRuleGroup` Defines the rule group to which the current WAF rule belongs. - `mode: Literal["on", "off"]` When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules. - `"on"` - `"off"` - `package_id: str` Defines the unique identifier of a WAF package. - `priority: str` Defines the order in which the individual WAF rule is executed within its rule group.