Skip to content
Cloudflare API
Start here
API Reference
Firewall
WAF

Packages

List WAF packages
Deprecated
firewall.waf.packages.list(PackageListParams**kwargs) -> SyncV4PagePaginationArray[object]
GET/zones/{zone_id}/firewall/waf/packages
Get a WAF package
Deprecated
firewall.waf.packages.get(strpackage_id, PackageGetParams**kwargs) -> PackageGetResponse
GET/zones/{zone_id}/firewall/waf/packages/{package_id}
ModelsExpand Collapse
One of the following:
class FirewallAPIResponseSingle:
errors: List[ResponseInfo]
code: int
minimum1000
message: str
documentation_url: Optional[str]
source: Optional[Source]
pointer: Optional[str]
messages: List[ResponseInfo]
code: int
minimum1000
message: str
documentation_url: Optional[str]
source: Optional[Source]
pointer: Optional[str]
result: Union[Optional[str], Optional[object]]
One of the following:
Optional[str]
Optional[object]
success: Literal[true]

Defines whether the API call was successful.

class Result:
result: Optional[object]

PackagesGroups

List WAF rule groups
Deprecated
firewall.waf.packages.groups.list(strpackage_id, GroupListParams**kwargs) -> SyncV4PagePaginationArray[Group]
GET/zones/{zone_id}/firewall/waf/packages/{package_id}/groups
Get a WAF rule group
Deprecated
firewall.waf.packages.groups.get(strgroup_id, GroupGetParams**kwargs) -> GroupGetResponse
GET/zones/{zone_id}/firewall/waf/packages/{package_id}/groups/{group_id}
Update a WAF rule group
Deprecated
firewall.waf.packages.groups.edit(strgroup_id, GroupEditParams**kwargs) -> GroupEditResponse
PATCH/zones/{zone_id}/firewall/waf/packages/{package_id}/groups/{group_id}
ModelsExpand Collapse
class Group:
id: str

Defines the unique identifier of the rule group.

maxLength32
description: Optional[str]

Defines an informative summary of what the rule group does.

mode: Literal["on", "off"]

Defines the state of the rules contained in the rule group. When on, the rules in the group are configurable/usable.

One of the following:
"on"
"off"
name: str

Defines the name of the rule group.

rules_count: float

Defines the number of rules in the current rule group.

allowed_modes: Optional[List[Literal["on", "off"]]]

Defines the available states for the rule group.

One of the following:
"on"
"off"
modified_rules_count: Optional[float]

Defines the number of rules within the group that have been modified from their default configuration.

package_id: Optional[str]

Defines the unique identifier of a WAF package.

maxLength32
Union[Optional[str], Optional[object]]
One of the following:
Optional[str]
Optional[object]
Union[Optional[str], Optional[object]]
One of the following:
Optional[str]
Optional[object]

PackagesRules

List WAF rules
Deprecated
firewall.waf.packages.rules.list(strpackage_id, RuleListParams**kwargs) -> SyncV4PagePaginationArray[RuleListResponse]
GET/zones/{zone_id}/firewall/waf/packages/{package_id}/rules
Get a WAF rule
Deprecated
firewall.waf.packages.rules.get(strrule_id, RuleGetParams**kwargs) -> RuleGetResponse
GET/zones/{zone_id}/firewall/waf/packages/{package_id}/rules/{rule_id}
Update a WAF rule
Deprecated
firewall.waf.packages.rules.edit(strrule_id, RuleEditParams**kwargs) -> RuleEditResponse
PATCH/zones/{zone_id}/firewall/waf/packages/{package_id}/rules/{rule_id}
ModelsExpand Collapse
Literal["on", "off"]

Defines the mode anomaly. When set to on, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.

One of the following:
"on"
"off"
class WAFRuleGroup:

Defines the rule group to which the current WAF rule belongs.

id: Optional[str]

Defines the unique identifier of the rule group.

maxLength32
name: Optional[str]

Defines the name of the rule group.

RuleListResponse

When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the ‘sensitivity’ property of the WAF package.

One of the following:
class WAFManagedRulesAnomalyRule:

When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the ‘sensitivity’ property of the WAF package.

id: str

Defines the unique identifier of the WAF rule.

maxLength32
allowed_modes: List[AllowedModesAnomaly]

Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules.

One of the following:
"on"
"off"
description: str

Defines the public description of the WAF rule.

group: WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

mode: AllowedModesAnomaly

Defines the mode anomaly. When set to on, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.

package_id: str

Defines the unique identifier of a WAF package.

maxLength32
priority: str

Defines the order in which the individual WAF rule is executed within its rule group.

class WAFManagedRulesTraditionalDenyRule:

When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A ‘deny’ rule will immediately respond to the request based on the configured rule action/mode (for example, ‘block’) and no other rules will be processed.

id: str

Defines the unique identifier of the WAF rule.

maxLength32
allowed_modes: List[Literal["default", "disable", "simulate", 2 more]]

Defines the list of possible actions of the WAF rule when it is triggered.

One of the following:
"default"
"disable"
"simulate"
"block"
"challenge"
default_mode: Literal["disable", "simulate", "block", "challenge"]

Defines the default action/mode of a rule.

One of the following:
"disable"
"simulate"
"block"
"challenge"
description: str

Defines the public description of the WAF rule.

group: WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

mode: Literal["default", "disable", "simulate", 2 more]

Defines the action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.

One of the following:
"default"
"disable"
"simulate"
"block"
"challenge"
package_id: str

Defines the unique identifier of a WAF package.

maxLength32
priority: str

Defines the order in which the individual WAF rule is executed within its rule group.

class WAFManagedRulesTraditionalAllowRule:

When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An ‘allow’ rule will immediately allow the request and no other rules will be processed.

id: str

Defines the unique identifier of the WAF rule.

maxLength32
allowed_modes: List[Literal["on", "off"]]

Defines the available modes for the current WAF rule.

One of the following:
"on"
"off"
description: str

Defines the public description of the WAF rule.

group: WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

mode: Literal["on", "off"]

When set to on, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.

One of the following:
"on"
"off"
package_id: str

Defines the unique identifier of a WAF package.

maxLength32
priority: str

Defines the order in which the individual WAF rule is executed within its rule group.

Union[Optional[str], Optional[object]]
One of the following:
Optional[str]
Optional[object]
RuleEditResponse

When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the ‘sensitivity’ property of the WAF package.

One of the following:
class WAFManagedRulesAnomalyRule:

When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the ‘sensitivity’ property of the WAF package.

id: str

Defines the unique identifier of the WAF rule.

maxLength32
allowed_modes: List[AllowedModesAnomaly]

Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules.

One of the following:
"on"
"off"
description: str

Defines the public description of the WAF rule.

group: WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

mode: AllowedModesAnomaly

Defines the mode anomaly. When set to on, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.

package_id: str

Defines the unique identifier of a WAF package.

maxLength32
priority: str

Defines the order in which the individual WAF rule is executed within its rule group.

class WAFManagedRulesTraditionalDenyRule:

When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A ‘deny’ rule will immediately respond to the request based on the configured rule action/mode (for example, ‘block’) and no other rules will be processed.

id: str

Defines the unique identifier of the WAF rule.

maxLength32
allowed_modes: List[Literal["default", "disable", "simulate", 2 more]]

Defines the list of possible actions of the WAF rule when it is triggered.

One of the following:
"default"
"disable"
"simulate"
"block"
"challenge"
default_mode: Literal["disable", "simulate", "block", "challenge"]

Defines the default action/mode of a rule.

One of the following:
"disable"
"simulate"
"block"
"challenge"
description: str

Defines the public description of the WAF rule.

group: WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

mode: Literal["default", "disable", "simulate", 2 more]

Defines the action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.

One of the following:
"default"
"disable"
"simulate"
"block"
"challenge"
package_id: str

Defines the unique identifier of a WAF package.

maxLength32
priority: str

Defines the order in which the individual WAF rule is executed within its rule group.

class WAFManagedRulesTraditionalAllowRule:

When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An ‘allow’ rule will immediately allow the request and no other rules will be processed.

id: str

Defines the unique identifier of the WAF rule.

maxLength32
allowed_modes: List[Literal["on", "off"]]

Defines the available modes for the current WAF rule.

One of the following:
"on"
"off"
description: str

Defines the public description of the WAF rule.

group: WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

mode: Literal["on", "off"]

When set to on, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.

One of the following:
"on"
"off"
package_id: str

Defines the unique identifier of a WAF package.

maxLength32
priority: str

Defines the order in which the individual WAF rule is executed within its rule group.