Zones
ModelsExpand Collapse
class Zone: …
The last time proof of ownership was detected and the zone was made active.
The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is 0.
The domain name. Per RFC 1035 the overall zone name can be up to 253 characters, with each segment ("label") not exceeding 63 characters.
Deprecatedplan: PlanPlease use the `/zones/{zone_id}/subscription` API
to update a zone's plan. Changing this value will create/cancel
associated subscriptions. To view available plans for this zone,
see [Zone Plans](https://developers.cloudflare.com/api/resources/zones/subresources/plans/).A Zones subscription information.
A Zones subscription information.
Indicates whether the zone is only using Cloudflare DNS services. A true value means the zone will not receive security or performance benefits.
Legacy permissions based on legacy user membership information.
status: Optional[Literal["initializing", "pending", "active", "moved"]]The zone status on Cloudflare.
The zone status on Cloudflare.
tenant: Optional[Tenant]The root organizational unit that this zone belongs to (such as a tenant or organization).
The root organizational unit that this zone belongs to (such as a tenant or organization).
tenant_unit: Optional[TenantUnit]The immediate parent organizational unit that this zone belongs to (such as under a tenant or sub-organization).
The immediate parent organizational unit that this zone belongs to (such as under a tenant or sub-organization).
A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup.
ZonesActivation Check
Rerun the Activation Check
ZonesSettings
Get zone setting
Edit zone setting
ModelsExpand Collapse
class AdvancedDDoS: …Advanced protection from Distributed Denial of Service (DDoS) attacks on your website. This is an uneditable value that is 'on' in the case of Business and Enterprise zones.
Advanced protection from Distributed Denial of Service (DDoS) attacks on your website. This is an uneditable value that is 'on' in the case of Business and Enterprise zones.
class AlwaysOnline: …When enabled, Cloudflare serves limited copies of web pages available from the Internet Archive's Wayback Machine if your server is offline. Refer to Always Online for more information.
When enabled, Cloudflare serves limited copies of web pages available from the Internet Archive's Wayback Machine if your server is offline. Refer to Always Online for more information.
class AutomaticPlatformOptimization: …
Indicates whether or not cache by device type is enabled.
An array of hostnames where Automatic Platform Optimization for WordPress is activated.
Indicates whether or not Cloudflare for WordPress plugin is installed.
class CacheLevel: …
value: Optional[Literal["bypass", "basic", "simplified", 2 more]]
bypass: Cloudflare does not cache.basic: Delivers resources from cache when there is no query
string.simplified: Delivers the same resource to everyone independent
of the query string.aggressive: Caches all static content that has a query string.cache_everything: Treats all content as static and caches all
file types beyond the Cloudflare default cached
content.
bypass: Cloudflare does not cache.basic: Delivers resources from cache when there is no query string.simplified: Delivers the same resource to everyone independent of the query string.aggressive: Caches all static content that has a query string.cache_everything: Treats all content as static and caches all file types beyond the Cloudflare default cached content.
class ChallengeTTL: …Specify how long a visitor is allowed access to your site after successfully completing a challenge (such as a CAPTCHA). After the TTL has expired the visitor will have to complete a new challenge. We recommend a 15 - 45 minute setting and will attempt to honor any setting above 45 minutes. (https://support.cloudflare.com/hc/en-us/articles/200170136).
Specify how long a visitor is allowed access to your site after successfully completing a challenge (such as a CAPTCHA). After the TTL has expired the visitor will have to complete a new challenge. We recommend a 15 - 45 minute setting and will attempt to honor any setting above 45 minutes. (https://support.cloudflare.com/hc/en-us/articles/200170136).
class DevelopmentMode: …Development Mode temporarily allows you to enter development mode for your websites if you need to make changes to your site. This will bypass Cloudflare's accelerated cache and slow down your site, but is useful if you are making changes to cacheable content (like images, css, or JavaScript) and would like to see those changes right away. Once entered, development mode will last for 3 hours and then automatically toggle off.
Development Mode temporarily allows you to enter development mode for your websites if you need to make changes to your site. This will bypass Cloudflare's accelerated cache and slow down your site, but is useful if you are making changes to cacheable content (like images, css, or JavaScript) and would like to see those changes right away. Once entered, development mode will last for 3 hours and then automatically toggle off.
class EarlyHints: …When enabled, Cloudflare will attempt to speed up overall page loads by serving 103 responses with Link headers from the final response. Refer to Early Hints for more information.
When enabled, Cloudflare will attempt to speed up overall page loads by serving 103 responses with Link headers from the final response. Refer to Early Hints for more information.
class FontSettings: …Enhance your website's font delivery with Cloudflare Fonts. Deliver Google Hosted fonts from your own domain,
boost performance, and enhance user privacy. Refer to the Cloudflare Fonts documentation for more information.
Enhance your website's font delivery with Cloudflare Fonts. Deliver Google Hosted fonts from your own domain, boost performance, and enhance user privacy. Refer to the Cloudflare Fonts documentation for more information.
class H2Prioritization: …HTTP/2 Edge Prioritization optimises the delivery of resources served through HTTP/2 to improve page load performance. It also supports fine control of content delivery when used in conjunction with Workers.
HTTP/2 Edge Prioritization optimises the delivery of resources served through HTTP/2 to improve page load performance. It also supports fine control of content delivery when used in conjunction with Workers.
class HotlinkProtection: …When enabled, the Hotlink Protection option ensures that other sites cannot suck up your bandwidth by building pages that use images hosted on your site. Anytime a request for an image on your site hits Cloudflare, we check to ensure that it's not another site requesting them. People will still be able to download and view images from your page, but other sites won't be able to steal them for use on their own pages. (https://support.cloudflare.com/hc/en-us/articles/200170026).
When enabled, the Hotlink Protection option ensures that other sites cannot suck up your bandwidth by building pages that use images hosted on your site. Anytime a request for an image on your site hits Cloudflare, we check to ensure that it's not another site requesting them. People will still be able to download and view images from your page, but other sites won't be able to steal them for use on their own pages. (https://support.cloudflare.com/hc/en-us/articles/200170026).
class ImageResizing: …Image Transformations provides on-demand resizing, conversion and optimization for images served through Cloudflare's network. Refer to the Image Transformations documentation for more information.
Image Transformations provides on-demand resizing, conversion and optimization for images served through Cloudflare's network. Refer to the Image Transformations documentation for more information.
class IPV6: …Enable IPv6 on all subdomains that are Cloudflare enabled. (https://support.cloudflare.com/hc/en-us/articles/200168586).
Enable IPv6 on all subdomains that are Cloudflare enabled. (https://support.cloudflare.com/hc/en-us/articles/200168586).
class MinTLSVersion: …Only accepts HTTPS requests that use at least the TLS protocol version specified. For example, if TLS 1.1 is selected, TLS 1.0 connections will be rejected, while 1.1, 1.2, and 1.3 (if enabled) will be permitted.
Only accepts HTTPS requests that use at least the TLS protocol version specified. For example, if TLS 1.1 is selected, TLS 1.0 connections will be rejected, while 1.1, 1.2, and 1.3 (if enabled) will be permitted.
class SecurityHeaders: …Cloudflare security header for a zone.
Cloudflare security header for a zone.
class ServerSideExcludes: …If there is sensitive content on your website that you want visible to real visitors, but that you want to hide from suspicious visitors, all you have to do is wrap the content with Cloudflare SSE tags. Wrap any content that you want to be excluded from suspicious visitors in the following SSE tags: . For example: Bad visitors won't see my phone number, 555-555-5555 . Note: SSE only will work with HTML. If you have HTML minification enabled, you won't see the SSE tags in your HTML source when it's served through Cloudflare. SSE will still function in this case, as Cloudflare's HTML minification and SSE functionality occur on-the-fly as the resource moves through our network to the visitor's computer. (https://support.cloudflare.com/hc/en-us/articles/200170036).
If there is sensitive content on your website that you want visible to real visitors, but that you want to hide from suspicious visitors, all you have to do is wrap the content with Cloudflare SSE tags. Wrap any content that you want to be excluded from suspicious visitors in the following SSE tags: . For example: Bad visitors won't see my phone number, 555-555-5555 . Note: SSE only will work with HTML. If you have HTML minification enabled, you won't see the SSE tags in your HTML source when it's served through Cloudflare. SSE will still function in this case, as Cloudflare's HTML minification and SSE functionality occur on-the-fly as the resource moves through our network to the visitor's computer. (https://support.cloudflare.com/hc/en-us/articles/200170036).
class WAF: …
Turn on or off WAF managed rules (previous version, deprecated). You cannot enable or disable individual WAF managed rules via Page Rules.
class WebP: …When the client requesting the image supports the WebP image codec, and WebP offers a performance advantage over the original image format, Cloudflare will serve a WebP version of the original image.
When the client requesting the image supports the WebP image codec, and WebP offers a performance advantage over the original image format, Cloudflare will serve a WebP version of the original image.
class Websocket: …WebSockets are open connections sustained between the client and the origin server. Inside a WebSockets connection, the client and the origin can pass data back and forth without having to reestablish sessions. This makes exchanging data within a WebSockets connection fast. WebSockets are often used for real-time applications such as live chat and gaming. For more information refer to Can I use Cloudflare with Websockets.
WebSockets are open connections sustained between the client and the origin server. Inside a WebSockets connection, the client and the origin can pass data back and forth without having to reestablish sessions. This makes exchanging data within a WebSockets connection fast. WebSockets are often used for real-time applications such as live chat and gaming. For more information refer to Can I use Cloudflare with Websockets.
0-RTT session resumption enabled for this zone.
0-RTT session resumption enabled for this zone.
class ZeroRTT: …0-RTT session resumption enabled for this zone.
0-RTT session resumption enabled for this zone.
class AdvancedDDoS: …Advanced protection from Distributed Denial of Service (DDoS) attacks on your website. This is an uneditable value that is 'on' in the case of Business and Enterprise zones.
Advanced protection from Distributed Denial of Service (DDoS) attacks on your website. This is an uneditable value that is 'on' in the case of Business and Enterprise zones.
class ZonesCacheRulesAegis: …Aegis provides dedicated egress IPs (from Cloudflare to your origin) for your layer 7 WAF and CDN services. The egress IPs are reserved exclusively for your account so that you can increase your origin security by only allowing traffic from a small list of IP addresses.
Aegis provides dedicated egress IPs (from Cloudflare to your origin) for your layer 7 WAF and CDN services. The egress IPs are reserved exclusively for your account so that you can increase your origin security by only allowing traffic from a small list of IP addresses.
class AlwaysOnline: …When enabled, Cloudflare serves limited copies of web pages available from the Internet Archive's Wayback Machine if your server is offline. Refer to Always Online for more information.
When enabled, Cloudflare serves limited copies of web pages available from the Internet Archive's Wayback Machine if your server is offline. Refer to Always Online for more information.
class ZonesSchemasAlwaysUseHTTPS: …Reply to all requests for URLs that use "http" with a 301 redirect to the equivalent "https" URL. If you only want to redirect for a subset of requests, consider creating an "Always use HTTPS" page rule.
Reply to all requests for URLs that use "http" with a 301 redirect to the equivalent "https" URL. If you only want to redirect for a subset of requests, consider creating an "Always use HTTPS" page rule.
class ZonesSchemasAutomaticHTTPSRewrites: …Enable the Automatic HTTPS Rewrites feature for this zone.
Enable the Automatic HTTPS Rewrites feature for this zone.
class Brotli: …When the client requesting an asset supports the Brotli compression algorithm, Cloudflare will serve a Brotli compressed version of the asset.
When the client requesting an asset supports the Brotli compression algorithm, Cloudflare will serve a Brotli compressed version of the asset.
class ZonesSchemasBrowserCacheTTL: …Browser Cache TTL (in seconds) specifies how long Cloudflare-cached resources will remain on your visitors' computers. Cloudflare will honor any larger times specified by your server. (https://support.cloudflare.com/hc/en-us/articles/200168276).
Browser Cache TTL (in seconds) specifies how long Cloudflare-cached resources will remain on your visitors' computers. Cloudflare will honor any larger times specified by your server. (https://support.cloudflare.com/hc/en-us/articles/200168276).
class ZonesSchemasBrowserCheck: …Browser Integrity Check is similar to Bad Behavior and looks for common HTTP headers abused most commonly by spammers and denies access to your page. It will also challenge visitors that do not have a user agent or a non standard user agent (also commonly used by abuse bots, crawlers or visitors). (https://support.cloudflare.com/hc/en-us/articles/200170086).
Browser Integrity Check is similar to Bad Behavior and looks for common HTTP headers abused most commonly by spammers and denies access to your page. It will also challenge visitors that do not have a user agent or a non standard user agent (also commonly used by abuse bots, crawlers or visitors). (https://support.cloudflare.com/hc/en-us/articles/200170086).
class ZonesSchemasCacheLevel: …Cache Level functions based off the setting level. The basic setting will cache most static resources (i.e., css, images, and JavaScript). The simplified setting will ignore the query string when delivering a cached resource. The aggressive setting will cache all static resources, including ones with a query string. (https://support.cloudflare.com/hc/en-us/articles/200168256).
Cache Level functions based off the setting level. The basic setting will cache most static resources (i.e., css, images, and JavaScript). The simplified setting will ignore the query string when delivering a cached resource. The aggressive setting will cache all static resources, including ones with a query string. (https://support.cloudflare.com/hc/en-us/articles/200168256).
class ChallengeTTL: …Specify how long a visitor is allowed access to your site after successfully completing a challenge (such as a CAPTCHA). After the TTL has expired the visitor will have to complete a new challenge. We recommend a 15 - 45 minute setting and will attempt to honor any setting above 45 minutes. (https://support.cloudflare.com/hc/en-us/articles/200170136).
Specify how long a visitor is allowed access to your site after successfully completing a challenge (such as a CAPTCHA). After the TTL has expired the visitor will have to complete a new challenge. We recommend a 15 - 45 minute setting and will attempt to honor any setting above 45 minutes. (https://support.cloudflare.com/hc/en-us/articles/200170136).
class ZonesChinaNetworkEnabled: …Determines whether or not the china network is enabled.
Determines whether or not the china network is enabled.
class ZonesContentConverter: …When enabled and the client sends an Accept header requesting text/markdown,
Cloudflare will convert HTML responses to Markdown format using the toMarkdown() service.
Refer to the developer documentation for more information.
When enabled and the client sends an Accept header requesting text/markdown, Cloudflare will convert HTML responses to Markdown format using the toMarkdown() service. Refer to the developer documentation for more information.
class Ciphers: …An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.
An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.
class ZonesCNAMEFlattening: …Whether or not cname flattening is on.
Whether or not cname flattening is on.
Deprecatedvalue: Literal["flatten_at_root", "flatten_all"]This zone setting is deprecated; please use the DNS Settings route instead. More information at https://developers.cloudflare.com/fundamentals/api/reference/deprecations/#2025-03-21Current value of the zone setting.
Current value of the zone setting.
class DevelopmentMode: …Development Mode temporarily allows you to enter development mode for your websites if you need to make changes to your site. This will bypass Cloudflare's accelerated cache and slow down your site, but is useful if you are making changes to cacheable content (like images, css, or JavaScript) and would like to see those changes right away. Once entered, development mode will last for 3 hours and then automatically toggle off.
Development Mode temporarily allows you to enter development mode for your websites if you need to make changes to your site. This will bypass Cloudflare's accelerated cache and slow down your site, but is useful if you are making changes to cacheable content (like images, css, or JavaScript) and would like to see those changes right away. Once entered, development mode will last for 3 hours and then automatically toggle off.
class EarlyHints: …When enabled, Cloudflare will attempt to speed up overall page loads by serving 103 responses with Link headers from the final response. Refer to Early Hints for more information.
When enabled, Cloudflare will attempt to speed up overall page loads by serving 103 responses with Link headers from the final response. Refer to Early Hints for more information.
class ZonesSchemasEdgeCacheTTL: …Time (in seconds) that a resource will be ensured to remain on Cloudflare's cache servers.
Time (in seconds) that a resource will be ensured to remain on Cloudflare's cache servers.
class ZonesSchemasEmailObfuscation: …Encrypt email adresses on your web page from bots, while keeping them visible to humans. (https://support.cloudflare.com/hc/en-us/articles/200170016).
Encrypt email adresses on your web page from bots, while keeping them visible to humans. (https://support.cloudflare.com/hc/en-us/articles/200170016).
class H2Prioritization: …HTTP/2 Edge Prioritization optimises the delivery of resources served through HTTP/2 to improve page load performance. It also supports fine control of content delivery when used in conjunction with Workers.
HTTP/2 Edge Prioritization optimises the delivery of resources served through HTTP/2 to improve page load performance. It also supports fine control of content delivery when used in conjunction with Workers.
class HotlinkProtection: …When enabled, the Hotlink Protection option ensures that other sites cannot suck up your bandwidth by building pages that use images hosted on your site. Anytime a request for an image on your site hits Cloudflare, we check to ensure that it's not another site requesting them. People will still be able to download and view images from your page, but other sites won't be able to steal them for use on their own pages. (https://support.cloudflare.com/hc/en-us/articles/200170026).
When enabled, the Hotlink Protection option ensures that other sites cannot suck up your bandwidth by building pages that use images hosted on your site. Anytime a request for an image on your site hits Cloudflare, we check to ensure that it's not another site requesting them. People will still be able to download and view images from your page, but other sites won't be able to steal them for use on their own pages. (https://support.cloudflare.com/hc/en-us/articles/200170026).
class HTTP2: …HTTP2 enabled for this zone.
HTTP2 enabled for this zone.
class HTTP3: …HTTP3 enabled for this zone.
HTTP3 enabled for this zone.
class ImageResizing: …Image Transformations provides on-demand resizing, conversion and optimization for images served through Cloudflare's network. Refer to the Image Transformations documentation for more information.
Image Transformations provides on-demand resizing, conversion and optimization for images served through Cloudflare's network. Refer to the Image Transformations documentation for more information.
class ZonesSchemasIPGeolocation: …Enable IP Geolocation to have Cloudflare geolocate visitors to your website and pass the country code to you. (https://support.cloudflare.com/hc/en-us/articles/200168236).
Enable IP Geolocation to have Cloudflare geolocate visitors to your website and pass the country code to you. (https://support.cloudflare.com/hc/en-us/articles/200168236).
class IPV6: …Enable IPv6 on all subdomains that are Cloudflare enabled. (https://support.cloudflare.com/hc/en-us/articles/200168586).
Enable IPv6 on all subdomains that are Cloudflare enabled. (https://support.cloudflare.com/hc/en-us/articles/200168586).
class ZonesMaxUpload: …Maximum size of an allowable upload.
Maximum size of an allowable upload.
class MinTLSVersion: …Only accepts HTTPS requests that use at least the TLS protocol version specified. For example, if TLS 1.1 is selected, TLS 1.0 connections will be rejected, while 1.1, 1.2, and 1.3 (if enabled) will be permitted.
Only accepts HTTPS requests that use at least the TLS protocol version specified. For example, if TLS 1.1 is selected, TLS 1.0 connections will be rejected, while 1.1, 1.2, and 1.3 (if enabled) will be permitted.
class ZonesSchemasMirage: …Automatically optimize image loading for website visitors on mobile
devices. Refer to our blog post
for more information.
Automatically optimize image loading for website visitors on mobile devices. Refer to our blog post for more information.
Deprecatedvalue: Literal["on", "off"]Mirage is being deprecated. More information at https://developers.cloudflare.com/speed/optimization/images/mirage/Current value of the zone setting.
Current value of the zone setting.
class NEL: …Enable Network Error Logging reporting on your zone. (Beta)
Enable Network Error Logging reporting on your zone. (Beta)
class ZonesSchemasOpportunisticEncryption: …Enables the Opportunistic Encryption feature for a zone.
Enables the Opportunistic Encryption feature for a zone.
class OpportunisticOnion: …Add an Alt-Svc header to all legitimate requests from Tor, allowing the connection to use our onion services instead of exit nodes.
Add an Alt-Svc header to all legitimate requests from Tor, allowing the connection to use our onion services instead of exit nodes.
class OrangeToOrange: …Orange to Orange (O2O) allows zones on Cloudflare to CNAME to other zones also on Cloudflare.
Orange to Orange (O2O) allows zones on Cloudflare to CNAME to other zones also on Cloudflare.
class ZonesSchemasOriginErrorPagePassThru: …Cloudflare will proxy customer error pages on any 502,504 errors on origin server instead of showing a default Cloudflare error page. This does not apply to 522 errors and is limited to Enterprise Zones.
Cloudflare will proxy customer error pages on any 502,504 errors on origin server instead of showing a default Cloudflare error page. This does not apply to 522 errors and is limited to Enterprise Zones.
class ZonesCacheRulesOriginH2MaxStreams: …Origin H2 Max Streams configures the max number of concurrent requests that Cloudflare will send within the same connection when communicating with the origin server, if the origin supports it. Note that if your origin does not support H2 multiplexing, 5xx errors may be observed, particularly 520s. Also note that the default value is 100 for all plan types except Enterprise where it is 1. 1 means that H2 multiplexing is disabled.
Origin H2 Max Streams configures the max number of concurrent requests that Cloudflare will send within the same connection when communicating with the origin server, if the origin supports it. Note that if your origin does not support H2 multiplexing, 5xx errors may be observed, particularly 520s. Also note that the default value is 100 for all plan types except Enterprise where it is 1. 1 means that H2 multiplexing is disabled.
class ZonesCacheRulesOriginMaxHTTPVersion: …Origin Max HTTP Setting Version sets the highest HTTP version Cloudflare will attempt to use with your origin. This setting allows Cloudflare to make HTTP/2 requests to your origin. (Refer to Enable HTTP/2 to Origin, for more information.). The default value is "2" for all plan types except Enterprise where it is "1".
Origin Max HTTP Setting Version sets the highest HTTP version Cloudflare will attempt to use with your origin. This setting allows Cloudflare to make HTTP/2 requests to your origin. (Refer to Enable HTTP/2 to Origin, for more information.). The default value is "2" for all plan types except Enterprise where it is "1".
class ZonesSchemasPolish: …Removes metadata and compresses your images for faster page load times. Basic (Lossless): Reduce the size of PNG, JPEG, and GIF files - no impact on visual quality. Basic + JPEG (Lossy): Further reduce the size of JPEG files for faster image loading. Larger JPEGs are converted to progressive images, loading a lower-resolution image first and ending in a higher-resolution version. Not recommended for hi-res photography sites.
Removes metadata and compresses your images for faster page load times. Basic (Lossless): Reduce the size of PNG, JPEG, and GIF files - no impact on visual quality. Basic + JPEG (Lossy): Further reduce the size of JPEG files for faster image loading. Larger JPEGs are converted to progressive images, loading a lower-resolution image first and ending in a higher-resolution version. Not recommended for hi-res photography sites.
class PrefetchPreload: …Cloudflare will prefetch any URLs that are included in the response headers. This is limited to Enterprise Zones.
Cloudflare will prefetch any URLs that are included in the response headers. This is limited to Enterprise Zones.
class ZonesPrivacyPass: …Privacy Pass v1 was a browser extension developed by the Privacy Pass Team to improve the browsing experience for your visitors by allowing users to reduce the number of CAPTCHAs shown. (https://support.cloudflare.com/hc/en-us/articles/115001992652-Privacy-Pass).
Privacy Pass v1 was a browser extension developed by the Privacy Pass Team to improve the browsing experience for your visitors by allowing users to reduce the number of CAPTCHAs shown. (https://support.cloudflare.com/hc/en-us/articles/115001992652-Privacy-Pass).
Deprecatedvalue: Literal["on", "off"]Privacy Pass v1 was deprecated in 2023. (Announcement - https://blog.cloudflare.com/privacy-pass-standard/) and (API deprecation details - https://developers.cloudflare.com/fundamentals/api/reference/deprecations/#2024-03-31)Current value of the zone setting.
Current value of the zone setting.
class ProxyReadTimeout: …Maximum time between two read operations from origin.
Maximum time between two read operations from origin.
class PseudoIPV4: …The value set for the Pseudo IPv4 setting.
The value set for the Pseudo IPv4 setting.
class ZonesRedirectsForAITraining: …When enabled, Cloudflare will redirect verified AI training crawlers to canonical URLs
found in the HTML response, ensuring AI models train on authoritative content.
When enabled, Cloudflare will redirect verified AI training crawlers to canonical URLs found in the HTML response, ensuring AI models train on authoritative content.
class ZonesReplaceInsecureJS: …Automatically replace insecure JavaScript libraries with safer and faster alternatives provided under cdnjs and powered by Cloudflare. Currently supports the following libraries: Polyfill under polyfill.io.
Automatically replace insecure JavaScript libraries with safer and faster alternatives provided under cdnjs and powered by Cloudflare. Currently supports the following libraries: Polyfill under polyfill.io.
class ZonesSchemasResponseBuffering: …Enables or disables buffering of responses from the proxied server. Cloudflare may buffer the whole payload to deliver it at once to the client versus allowing it to be delivered in chunks. By default, the proxied server streams directly and is not buffered by Cloudflare. This is limited to Enterprise Zones.
Enables or disables buffering of responses from the proxied server. Cloudflare may buffer the whole payload to deliver it at once to the client versus allowing it to be delivered in chunks. By default, the proxied server streams directly and is not buffered by Cloudflare. This is limited to Enterprise Zones.
class ZonesSchemasRocketLoader: …Rocket Loader is a general-purpose asynchronous JavaScript optimisation that prioritises rendering your content while loading your site's Javascript asynchronously. Turning on Rocket Loader will immediately improve a web page's rendering time sometimes measured as Time to First Paint (TTFP), and also the window.onload time (assuming there is JavaScript on the page). This can have a positive impact on your Google search ranking. When turned on, Rocket Loader will automatically defer the loading of all Javascript referenced in your HTML, with no configuration required. Refer to Understanding Rocket Loader for more information.
Rocket Loader is a general-purpose asynchronous JavaScript optimisation that prioritises rendering your content while loading your site's Javascript asynchronously. Turning on Rocket Loader will immediately improve a web page's rendering time sometimes measured as Time to First Paint (TTFP), and also the window.onload time (assuming there is JavaScript on the page). This can have a positive impact on your Google search ranking. When turned on, Rocket Loader will automatically defer the loading of all Javascript referenced in your HTML, with no configuration required. Refer to Understanding Rocket Loader for more information.
class ZonesSchemasAutomaticPlatformOptimization: …Automatic Platform Optimization for WordPress serves your WordPress site from Cloudflare's edge network and caches third-party fonts.
Automatic Platform Optimization for WordPress serves your WordPress site from Cloudflare's edge network and caches third-party fonts.
class SecurityHeaders: …Cloudflare security header for a zone.
Cloudflare security header for a zone.
class ZonesSchemasSecurityLevel: …Choose the appropriate security profile for your website, which will automatically adjust each of the security settings. If you choose to customize an individual security setting, the profile will become Custom. (https://support.cloudflare.com/hc/en-us/articles/200170056).
Choose the appropriate security profile for your website, which will automatically adjust each of the security settings. If you choose to customize an individual security setting, the profile will become Custom. (https://support.cloudflare.com/hc/en-us/articles/200170056).
class ServerSideExcludes: …If there is sensitive content on your website that you want visible to real visitors, but that you want to hide from suspicious visitors, all you have to do is wrap the content with Cloudflare SSE tags. Wrap any content that you want to be excluded from suspicious visitors in the following SSE tags: . For example: Bad visitors won't see my phone number, 555-555-5555 . Note: SSE only will work with HTML. If you have HTML minification enabled, you won't see the SSE tags in your HTML source when it's served through Cloudflare. SSE will still function in this case, as Cloudflare's HTML minification and SSE functionality occur on-the-fly as the resource moves through our network to the visitor's computer. (https://support.cloudflare.com/hc/en-us/articles/200170036).
If there is sensitive content on your website that you want visible to real visitors, but that you want to hide from suspicious visitors, all you have to do is wrap the content with Cloudflare SSE tags. Wrap any content that you want to be excluded from suspicious visitors in the following SSE tags: . For example: Bad visitors won't see my phone number, 555-555-5555 . Note: SSE only will work with HTML. If you have HTML minification enabled, you won't see the SSE tags in your HTML source when it's served through Cloudflare. SSE will still function in this case, as Cloudflare's HTML minification and SSE functionality occur on-the-fly as the resource moves through our network to the visitor's computer. (https://support.cloudflare.com/hc/en-us/articles/200170036).
class ZonesSha1Support: …Allow SHA1 support.
Allow SHA1 support.
class ZonesSchemasSortQueryStringForCache: …Cloudflare will treat files with the same query strings as the same file in cache, regardless of the order of the query strings. This is limited to Enterprise Zones.
Cloudflare will treat files with the same query strings as the same file in cache, regardless of the order of the query strings. This is limited to Enterprise Zones.
class ZonesSchemasSSL: …SSL encrypts your visitor's connection and safeguards credit card numbers and other personal data to and from your website. SSL can take up to 5 minutes to fully activate. Requires Cloudflare active on your root domain or www domain. Off: no SSL between the visitor and Cloudflare, and no SSL between Cloudflare and your web server (all HTTP traffic). Flexible: SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, but no SSL between Cloudflare and your web server. You don't need to have an SSL cert on your web server, but your vistors will still see the site as being HTTPS enabled. Full: SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, and SSL between Cloudflare and your web server. You'll need to have your own SSL cert or self-signed cert at the very least. Full (Strict): SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, and SSL between Cloudflare and your web server. You'll need to have a valid SSL certificate installed on your web server. This certificate must be signed by a certificate authority, have an expiration date in the future, and respond for the request domain name (hostname). (https://support.cloudflare.com/hc/en-us/articles/200170416).
SSL encrypts your visitor's connection and safeguards credit card numbers and other personal data to and from your website. SSL can take up to 5 minutes to fully activate. Requires Cloudflare active on your root domain or www domain. Off: no SSL between the visitor and Cloudflare, and no SSL between Cloudflare and your web server (all HTTP traffic). Flexible: SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, but no SSL between Cloudflare and your web server. You don't need to have an SSL cert on your web server, but your vistors will still see the site as being HTTPS enabled. Full: SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, and SSL between Cloudflare and your web server. You'll need to have your own SSL cert or self-signed cert at the very least. Full (Strict): SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, and SSL between Cloudflare and your web server. You'll need to have a valid SSL certificate installed on your web server. This certificate must be signed by a certificate authority, have an expiration date in the future, and respond for the request domain name (hostname). (https://support.cloudflare.com/hc/en-us/articles/200170416).
class SSLRecommender: …Enrollment in the SSL/TLS Recommender service which tries to detect and recommend (by sending periodic emails) the most secure SSL/TLS setting your origin servers support.
Enrollment in the SSL/TLS Recommender service which tries to detect and recommend (by sending periodic emails) the most secure SSL/TLS setting your origin servers support.
class ZonesTLS1_2Only: …Only allows TLS1.2.
Only allows TLS1.2.
class TLS1_3: …Enables Crypto TLS 1.3 feature for a zone.
Enables Crypto TLS 1.3 feature for a zone.
class TLSClientAuth: …TLS Client Auth requires Cloudflare to connect to your origin server using a client certificate (Enterprise Only).
TLS Client Auth requires Cloudflare to connect to your origin server using a client certificate (Enterprise Only).
class ZonesTransformations: …Media Transformations provides on-demand resizing, conversion and optimization for images and video served through Cloudflare's network. Refer to the Image Transformations and Video Transformations documentation for more information.
Media Transformations provides on-demand resizing, conversion and optimization for images and video served through Cloudflare's network. Refer to the Image Transformations and Video Transformations documentation for more information.
ID of the zone setting. Shared between Image Transformations and Video Transformations.
class ZonesTransformationsAllowedOrigins: …Media Transformations Allowed Origins restricts transformations for images and video served through Cloudflare's network. Refer to the Image Transformations and Video Transformations documentation for more information.
Media Transformations Allowed Origins restricts transformations for images and video served through Cloudflare's network. Refer to the Image Transformations and Video Transformations documentation for more information.
class ZonesSchemasTrueClientIPHeader: …Allows customer to continue to use True Client IP (Akamai feature) in the headers we send to the origin. This is limited to Enterprise Zones.
Allows customer to continue to use True Client IP (Akamai feature) in the headers we send to the origin. This is limited to Enterprise Zones.
class ZonesSchemasWAF: …The WAF examines HTTP requests to your website. It inspects both GET and POST requests and applies rules to help filter out illegitimate traffic from legitimate website visitors. The Cloudflare WAF inspects website addresses or URLs to detect anything out of the ordinary. If the Cloudflare WAF determines suspicious user behavior, then the WAF will 'challenge' the web visitor with a page that asks them to submit a CAPTCHA successfully to continue their action. If the challenge is failed, the action will be stopped. What this means is that Cloudflare's WAF will block any traffic identified as illegitimate before it reaches your origin web server. (https://support.cloudflare.com/hc/en-us/articles/200172016).
The WAF examines HTTP requests to your website. It inspects both GET and POST requests and applies rules to help filter out illegitimate traffic from legitimate website visitors. The Cloudflare WAF inspects website addresses or URLs to detect anything out of the ordinary. If the Cloudflare WAF determines suspicious user behavior, then the WAF will 'challenge' the web visitor with a page that asks them to submit a CAPTCHA successfully to continue their action. If the challenge is failed, the action will be stopped. What this means is that Cloudflare's WAF will block any traffic identified as illegitimate before it reaches your origin web server. (https://support.cloudflare.com/hc/en-us/articles/200172016).
class WebP: …When the client requesting the image supports the WebP image codec, and WebP offers a performance advantage over the original image format, Cloudflare will serve a WebP version of the original image.
When the client requesting the image supports the WebP image codec, and WebP offers a performance advantage over the original image format, Cloudflare will serve a WebP version of the original image.
class Websocket: …WebSockets are open connections sustained between the client and the origin server. Inside a WebSockets connection, the client and the origin can pass data back and forth without having to reestablish sessions. This makes exchanging data within a WebSockets connection fast. WebSockets are often used for real-time applications such as live chat and gaming. For more information refer to Can I use Cloudflare with Websockets.
WebSockets are open connections sustained between the client and the origin server. Inside a WebSockets connection, the client and the origin can pass data back and forth without having to reestablish sessions. This makes exchanging data within a WebSockets connection fast. WebSockets are often used for real-time applications such as live chat and gaming. For more information refer to Can I use Cloudflare with Websockets.
0-RTT session resumption enabled for this zone.
0-RTT session resumption enabled for this zone.
class ZeroRTT: …0-RTT session resumption enabled for this zone.
0-RTT session resumption enabled for this zone.
class AdvancedDDoS: …Advanced protection from Distributed Denial of Service (DDoS) attacks on your website. This is an uneditable value that is 'on' in the case of Business and Enterprise zones.
Advanced protection from Distributed Denial of Service (DDoS) attacks on your website. This is an uneditable value that is 'on' in the case of Business and Enterprise zones.
class ZonesCacheRulesAegis: …Aegis provides dedicated egress IPs (from Cloudflare to your origin) for your layer 7 WAF and CDN services. The egress IPs are reserved exclusively for your account so that you can increase your origin security by only allowing traffic from a small list of IP addresses.
Aegis provides dedicated egress IPs (from Cloudflare to your origin) for your layer 7 WAF and CDN services. The egress IPs are reserved exclusively for your account so that you can increase your origin security by only allowing traffic from a small list of IP addresses.
class AlwaysOnline: …When enabled, Cloudflare serves limited copies of web pages available from the Internet Archive's Wayback Machine if your server is offline. Refer to Always Online for more information.
When enabled, Cloudflare serves limited copies of web pages available from the Internet Archive's Wayback Machine if your server is offline. Refer to Always Online for more information.
class ZonesSchemasAlwaysUseHTTPS: …Reply to all requests for URLs that use "http" with a 301 redirect to the equivalent "https" URL. If you only want to redirect for a subset of requests, consider creating an "Always use HTTPS" page rule.
Reply to all requests for URLs that use "http" with a 301 redirect to the equivalent "https" URL. If you only want to redirect for a subset of requests, consider creating an "Always use HTTPS" page rule.
class ZonesSchemasAutomaticHTTPSRewrites: …Enable the Automatic HTTPS Rewrites feature for this zone.
Enable the Automatic HTTPS Rewrites feature for this zone.
class Brotli: …When the client requesting an asset supports the Brotli compression algorithm, Cloudflare will serve a Brotli compressed version of the asset.
When the client requesting an asset supports the Brotli compression algorithm, Cloudflare will serve a Brotli compressed version of the asset.
class ZonesSchemasBrowserCacheTTL: …Browser Cache TTL (in seconds) specifies how long Cloudflare-cached resources will remain on your visitors' computers. Cloudflare will honor any larger times specified by your server. (https://support.cloudflare.com/hc/en-us/articles/200168276).
Browser Cache TTL (in seconds) specifies how long Cloudflare-cached resources will remain on your visitors' computers. Cloudflare will honor any larger times specified by your server. (https://support.cloudflare.com/hc/en-us/articles/200168276).
class ZonesSchemasBrowserCheck: …Browser Integrity Check is similar to Bad Behavior and looks for common HTTP headers abused most commonly by spammers and denies access to your page. It will also challenge visitors that do not have a user agent or a non standard user agent (also commonly used by abuse bots, crawlers or visitors). (https://support.cloudflare.com/hc/en-us/articles/200170086).
Browser Integrity Check is similar to Bad Behavior and looks for common HTTP headers abused most commonly by spammers and denies access to your page. It will also challenge visitors that do not have a user agent or a non standard user agent (also commonly used by abuse bots, crawlers or visitors). (https://support.cloudflare.com/hc/en-us/articles/200170086).
class ZonesSchemasCacheLevel: …Cache Level functions based off the setting level. The basic setting will cache most static resources (i.e., css, images, and JavaScript). The simplified setting will ignore the query string when delivering a cached resource. The aggressive setting will cache all static resources, including ones with a query string. (https://support.cloudflare.com/hc/en-us/articles/200168256).
Cache Level functions based off the setting level. The basic setting will cache most static resources (i.e., css, images, and JavaScript). The simplified setting will ignore the query string when delivering a cached resource. The aggressive setting will cache all static resources, including ones with a query string. (https://support.cloudflare.com/hc/en-us/articles/200168256).
class ChallengeTTL: …Specify how long a visitor is allowed access to your site after successfully completing a challenge (such as a CAPTCHA). After the TTL has expired the visitor will have to complete a new challenge. We recommend a 15 - 45 minute setting and will attempt to honor any setting above 45 minutes. (https://support.cloudflare.com/hc/en-us/articles/200170136).
Specify how long a visitor is allowed access to your site after successfully completing a challenge (such as a CAPTCHA). After the TTL has expired the visitor will have to complete a new challenge. We recommend a 15 - 45 minute setting and will attempt to honor any setting above 45 minutes. (https://support.cloudflare.com/hc/en-us/articles/200170136).
class ZonesChinaNetworkEnabled: …Determines whether or not the china network is enabled.
Determines whether or not the china network is enabled.
class ZonesContentConverter: …When enabled and the client sends an Accept header requesting text/markdown,
Cloudflare will convert HTML responses to Markdown format using the toMarkdown() service.
Refer to the developer documentation for more information.
When enabled and the client sends an Accept header requesting text/markdown, Cloudflare will convert HTML responses to Markdown format using the toMarkdown() service. Refer to the developer documentation for more information.
class Ciphers: …An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.
An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.
class ZonesCNAMEFlattening: …Whether or not cname flattening is on.
Whether or not cname flattening is on.
Deprecatedvalue: Literal["flatten_at_root", "flatten_all"]This zone setting is deprecated; please use the DNS Settings route instead. More information at https://developers.cloudflare.com/fundamentals/api/reference/deprecations/#2025-03-21Current value of the zone setting.
Current value of the zone setting.
class DevelopmentMode: …Development Mode temporarily allows you to enter development mode for your websites if you need to make changes to your site. This will bypass Cloudflare's accelerated cache and slow down your site, but is useful if you are making changes to cacheable content (like images, css, or JavaScript) and would like to see those changes right away. Once entered, development mode will last for 3 hours and then automatically toggle off.
Development Mode temporarily allows you to enter development mode for your websites if you need to make changes to your site. This will bypass Cloudflare's accelerated cache and slow down your site, but is useful if you are making changes to cacheable content (like images, css, or JavaScript) and would like to see those changes right away. Once entered, development mode will last for 3 hours and then automatically toggle off.
class EarlyHints: …When enabled, Cloudflare will attempt to speed up overall page loads by serving 103 responses with Link headers from the final response. Refer to Early Hints for more information.
When enabled, Cloudflare will attempt to speed up overall page loads by serving 103 responses with Link headers from the final response. Refer to Early Hints for more information.
class ZonesSchemasEdgeCacheTTL: …Time (in seconds) that a resource will be ensured to remain on Cloudflare's cache servers.
Time (in seconds) that a resource will be ensured to remain on Cloudflare's cache servers.
class ZonesSchemasEmailObfuscation: …Encrypt email adresses on your web page from bots, while keeping them visible to humans. (https://support.cloudflare.com/hc/en-us/articles/200170016).
Encrypt email adresses on your web page from bots, while keeping them visible to humans. (https://support.cloudflare.com/hc/en-us/articles/200170016).
class H2Prioritization: …HTTP/2 Edge Prioritization optimises the delivery of resources served through HTTP/2 to improve page load performance. It also supports fine control of content delivery when used in conjunction with Workers.
HTTP/2 Edge Prioritization optimises the delivery of resources served through HTTP/2 to improve page load performance. It also supports fine control of content delivery when used in conjunction with Workers.
class HotlinkProtection: …When enabled, the Hotlink Protection option ensures that other sites cannot suck up your bandwidth by building pages that use images hosted on your site. Anytime a request for an image on your site hits Cloudflare, we check to ensure that it's not another site requesting them. People will still be able to download and view images from your page, but other sites won't be able to steal them for use on their own pages. (https://support.cloudflare.com/hc/en-us/articles/200170026).
When enabled, the Hotlink Protection option ensures that other sites cannot suck up your bandwidth by building pages that use images hosted on your site. Anytime a request for an image on your site hits Cloudflare, we check to ensure that it's not another site requesting them. People will still be able to download and view images from your page, but other sites won't be able to steal them for use on their own pages. (https://support.cloudflare.com/hc/en-us/articles/200170026).
class HTTP2: …HTTP2 enabled for this zone.
HTTP2 enabled for this zone.
class HTTP3: …HTTP3 enabled for this zone.
HTTP3 enabled for this zone.
class ImageResizing: …Image Transformations provides on-demand resizing, conversion and optimization for images served through Cloudflare's network. Refer to the Image Transformations documentation for more information.
Image Transformations provides on-demand resizing, conversion and optimization for images served through Cloudflare's network. Refer to the Image Transformations documentation for more information.
class ZonesSchemasIPGeolocation: …Enable IP Geolocation to have Cloudflare geolocate visitors to your website and pass the country code to you. (https://support.cloudflare.com/hc/en-us/articles/200168236).
Enable IP Geolocation to have Cloudflare geolocate visitors to your website and pass the country code to you. (https://support.cloudflare.com/hc/en-us/articles/200168236).
class IPV6: …Enable IPv6 on all subdomains that are Cloudflare enabled. (https://support.cloudflare.com/hc/en-us/articles/200168586).
Enable IPv6 on all subdomains that are Cloudflare enabled. (https://support.cloudflare.com/hc/en-us/articles/200168586).
class ZonesMaxUpload: …Maximum size of an allowable upload.
Maximum size of an allowable upload.
class MinTLSVersion: …Only accepts HTTPS requests that use at least the TLS protocol version specified. For example, if TLS 1.1 is selected, TLS 1.0 connections will be rejected, while 1.1, 1.2, and 1.3 (if enabled) will be permitted.
Only accepts HTTPS requests that use at least the TLS protocol version specified. For example, if TLS 1.1 is selected, TLS 1.0 connections will be rejected, while 1.1, 1.2, and 1.3 (if enabled) will be permitted.
class ZonesSchemasMirage: …Automatically optimize image loading for website visitors on mobile
devices. Refer to our blog post
for more information.
Automatically optimize image loading for website visitors on mobile devices. Refer to our blog post for more information.
Deprecatedvalue: Literal["on", "off"]Mirage is being deprecated. More information at https://developers.cloudflare.com/speed/optimization/images/mirage/Current value of the zone setting.
Current value of the zone setting.
class NEL: …Enable Network Error Logging reporting on your zone. (Beta)
Enable Network Error Logging reporting on your zone. (Beta)
class ZonesSchemasOpportunisticEncryption: …Enables the Opportunistic Encryption feature for a zone.
Enables the Opportunistic Encryption feature for a zone.
class OpportunisticOnion: …Add an Alt-Svc header to all legitimate requests from Tor, allowing the connection to use our onion services instead of exit nodes.
Add an Alt-Svc header to all legitimate requests from Tor, allowing the connection to use our onion services instead of exit nodes.
class OrangeToOrange: …Orange to Orange (O2O) allows zones on Cloudflare to CNAME to other zones also on Cloudflare.
Orange to Orange (O2O) allows zones on Cloudflare to CNAME to other zones also on Cloudflare.
class ZonesSchemasOriginErrorPagePassThru: …Cloudflare will proxy customer error pages on any 502,504 errors on origin server instead of showing a default Cloudflare error page. This does not apply to 522 errors and is limited to Enterprise Zones.
Cloudflare will proxy customer error pages on any 502,504 errors on origin server instead of showing a default Cloudflare error page. This does not apply to 522 errors and is limited to Enterprise Zones.
class ZonesCacheRulesOriginH2MaxStreams: …Origin H2 Max Streams configures the max number of concurrent requests that Cloudflare will send within the same connection when communicating with the origin server, if the origin supports it. Note that if your origin does not support H2 multiplexing, 5xx errors may be observed, particularly 520s. Also note that the default value is 100 for all plan types except Enterprise where it is 1. 1 means that H2 multiplexing is disabled.
Origin H2 Max Streams configures the max number of concurrent requests that Cloudflare will send within the same connection when communicating with the origin server, if the origin supports it. Note that if your origin does not support H2 multiplexing, 5xx errors may be observed, particularly 520s. Also note that the default value is 100 for all plan types except Enterprise where it is 1. 1 means that H2 multiplexing is disabled.
class ZonesCacheRulesOriginMaxHTTPVersion: …Origin Max HTTP Setting Version sets the highest HTTP version Cloudflare will attempt to use with your origin. This setting allows Cloudflare to make HTTP/2 requests to your origin. (Refer to Enable HTTP/2 to Origin, for more information.). The default value is "2" for all plan types except Enterprise where it is "1".
Origin Max HTTP Setting Version sets the highest HTTP version Cloudflare will attempt to use with your origin. This setting allows Cloudflare to make HTTP/2 requests to your origin. (Refer to Enable HTTP/2 to Origin, for more information.). The default value is "2" for all plan types except Enterprise where it is "1".
class ZonesSchemasPolish: …Removes metadata and compresses your images for faster page load times. Basic (Lossless): Reduce the size of PNG, JPEG, and GIF files - no impact on visual quality. Basic + JPEG (Lossy): Further reduce the size of JPEG files for faster image loading. Larger JPEGs are converted to progressive images, loading a lower-resolution image first and ending in a higher-resolution version. Not recommended for hi-res photography sites.
Removes metadata and compresses your images for faster page load times. Basic (Lossless): Reduce the size of PNG, JPEG, and GIF files - no impact on visual quality. Basic + JPEG (Lossy): Further reduce the size of JPEG files for faster image loading. Larger JPEGs are converted to progressive images, loading a lower-resolution image first and ending in a higher-resolution version. Not recommended for hi-res photography sites.
class PrefetchPreload: …Cloudflare will prefetch any URLs that are included in the response headers. This is limited to Enterprise Zones.
Cloudflare will prefetch any URLs that are included in the response headers. This is limited to Enterprise Zones.
class ZonesPrivacyPass: …Privacy Pass v1 was a browser extension developed by the Privacy Pass Team to improve the browsing experience for your visitors by allowing users to reduce the number of CAPTCHAs shown. (https://support.cloudflare.com/hc/en-us/articles/115001992652-Privacy-Pass).
Privacy Pass v1 was a browser extension developed by the Privacy Pass Team to improve the browsing experience for your visitors by allowing users to reduce the number of CAPTCHAs shown. (https://support.cloudflare.com/hc/en-us/articles/115001992652-Privacy-Pass).
Deprecatedvalue: Literal["on", "off"]Privacy Pass v1 was deprecated in 2023. (Announcement - https://blog.cloudflare.com/privacy-pass-standard/) and (API deprecation details - https://developers.cloudflare.com/fundamentals/api/reference/deprecations/#2024-03-31)Current value of the zone setting.
Current value of the zone setting.
class ProxyReadTimeout: …Maximum time between two read operations from origin.
Maximum time between two read operations from origin.
class PseudoIPV4: …The value set for the Pseudo IPv4 setting.
The value set for the Pseudo IPv4 setting.
class ZonesRedirectsForAITraining: …When enabled, Cloudflare will redirect verified AI training crawlers to canonical URLs
found in the HTML response, ensuring AI models train on authoritative content.
When enabled, Cloudflare will redirect verified AI training crawlers to canonical URLs found in the HTML response, ensuring AI models train on authoritative content.
class ZonesReplaceInsecureJS: …Automatically replace insecure JavaScript libraries with safer and faster alternatives provided under cdnjs and powered by Cloudflare. Currently supports the following libraries: Polyfill under polyfill.io.
Automatically replace insecure JavaScript libraries with safer and faster alternatives provided under cdnjs and powered by Cloudflare. Currently supports the following libraries: Polyfill under polyfill.io.
class ZonesSchemasResponseBuffering: …Enables or disables buffering of responses from the proxied server. Cloudflare may buffer the whole payload to deliver it at once to the client versus allowing it to be delivered in chunks. By default, the proxied server streams directly and is not buffered by Cloudflare. This is limited to Enterprise Zones.
Enables or disables buffering of responses from the proxied server. Cloudflare may buffer the whole payload to deliver it at once to the client versus allowing it to be delivered in chunks. By default, the proxied server streams directly and is not buffered by Cloudflare. This is limited to Enterprise Zones.
class ZonesSchemasRocketLoader: …Rocket Loader is a general-purpose asynchronous JavaScript optimisation that prioritises rendering your content while loading your site's Javascript asynchronously. Turning on Rocket Loader will immediately improve a web page's rendering time sometimes measured as Time to First Paint (TTFP), and also the window.onload time (assuming there is JavaScript on the page). This can have a positive impact on your Google search ranking. When turned on, Rocket Loader will automatically defer the loading of all Javascript referenced in your HTML, with no configuration required. Refer to Understanding Rocket Loader for more information.
Rocket Loader is a general-purpose asynchronous JavaScript optimisation that prioritises rendering your content while loading your site's Javascript asynchronously. Turning on Rocket Loader will immediately improve a web page's rendering time sometimes measured as Time to First Paint (TTFP), and also the window.onload time (assuming there is JavaScript on the page). This can have a positive impact on your Google search ranking. When turned on, Rocket Loader will automatically defer the loading of all Javascript referenced in your HTML, with no configuration required. Refer to Understanding Rocket Loader for more information.
class ZonesSchemasAutomaticPlatformOptimization: …Automatic Platform Optimization for WordPress serves your WordPress site from Cloudflare's edge network and caches third-party fonts.
Automatic Platform Optimization for WordPress serves your WordPress site from Cloudflare's edge network and caches third-party fonts.
class SecurityHeaders: …Cloudflare security header for a zone.
Cloudflare security header for a zone.
class ZonesSchemasSecurityLevel: …Choose the appropriate security profile for your website, which will automatically adjust each of the security settings. If you choose to customize an individual security setting, the profile will become Custom. (https://support.cloudflare.com/hc/en-us/articles/200170056).
Choose the appropriate security profile for your website, which will automatically adjust each of the security settings. If you choose to customize an individual security setting, the profile will become Custom. (https://support.cloudflare.com/hc/en-us/articles/200170056).
class ServerSideExcludes: …If there is sensitive content on your website that you want visible to real visitors, but that you want to hide from suspicious visitors, all you have to do is wrap the content with Cloudflare SSE tags. Wrap any content that you want to be excluded from suspicious visitors in the following SSE tags: . For example: Bad visitors won't see my phone number, 555-555-5555 . Note: SSE only will work with HTML. If you have HTML minification enabled, you won't see the SSE tags in your HTML source when it's served through Cloudflare. SSE will still function in this case, as Cloudflare's HTML minification and SSE functionality occur on-the-fly as the resource moves through our network to the visitor's computer. (https://support.cloudflare.com/hc/en-us/articles/200170036).
If there is sensitive content on your website that you want visible to real visitors, but that you want to hide from suspicious visitors, all you have to do is wrap the content with Cloudflare SSE tags. Wrap any content that you want to be excluded from suspicious visitors in the following SSE tags: . For example: Bad visitors won't see my phone number, 555-555-5555 . Note: SSE only will work with HTML. If you have HTML minification enabled, you won't see the SSE tags in your HTML source when it's served through Cloudflare. SSE will still function in this case, as Cloudflare's HTML minification and SSE functionality occur on-the-fly as the resource moves through our network to the visitor's computer. (https://support.cloudflare.com/hc/en-us/articles/200170036).
class ZonesSha1Support: …Allow SHA1 support.
Allow SHA1 support.
class ZonesSchemasSortQueryStringForCache: …Cloudflare will treat files with the same query strings as the same file in cache, regardless of the order of the query strings. This is limited to Enterprise Zones.
Cloudflare will treat files with the same query strings as the same file in cache, regardless of the order of the query strings. This is limited to Enterprise Zones.
class ZonesSchemasSSL: …SSL encrypts your visitor's connection and safeguards credit card numbers and other personal data to and from your website. SSL can take up to 5 minutes to fully activate. Requires Cloudflare active on your root domain or www domain. Off: no SSL between the visitor and Cloudflare, and no SSL between Cloudflare and your web server (all HTTP traffic). Flexible: SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, but no SSL between Cloudflare and your web server. You don't need to have an SSL cert on your web server, but your vistors will still see the site as being HTTPS enabled. Full: SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, and SSL between Cloudflare and your web server. You'll need to have your own SSL cert or self-signed cert at the very least. Full (Strict): SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, and SSL between Cloudflare and your web server. You'll need to have a valid SSL certificate installed on your web server. This certificate must be signed by a certificate authority, have an expiration date in the future, and respond for the request domain name (hostname). (https://support.cloudflare.com/hc/en-us/articles/200170416).
SSL encrypts your visitor's connection and safeguards credit card numbers and other personal data to and from your website. SSL can take up to 5 minutes to fully activate. Requires Cloudflare active on your root domain or www domain. Off: no SSL between the visitor and Cloudflare, and no SSL between Cloudflare and your web server (all HTTP traffic). Flexible: SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, but no SSL between Cloudflare and your web server. You don't need to have an SSL cert on your web server, but your vistors will still see the site as being HTTPS enabled. Full: SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, and SSL between Cloudflare and your web server. You'll need to have your own SSL cert or self-signed cert at the very least. Full (Strict): SSL between the visitor and Cloudflare -- visitor sees HTTPS on your site, and SSL between Cloudflare and your web server. You'll need to have a valid SSL certificate installed on your web server. This certificate must be signed by a certificate authority, have an expiration date in the future, and respond for the request domain name (hostname). (https://support.cloudflare.com/hc/en-us/articles/200170416).
class SSLRecommender: …Enrollment in the SSL/TLS Recommender service which tries to detect and recommend (by sending periodic emails) the most secure SSL/TLS setting your origin servers support.
Enrollment in the SSL/TLS Recommender service which tries to detect and recommend (by sending periodic emails) the most secure SSL/TLS setting your origin servers support.
class ZonesTLS1_2Only: …Only allows TLS1.2.
Only allows TLS1.2.
class TLS1_3: …Enables Crypto TLS 1.3 feature for a zone.
Enables Crypto TLS 1.3 feature for a zone.
class TLSClientAuth: …TLS Client Auth requires Cloudflare to connect to your origin server using a client certificate (Enterprise Only).
TLS Client Auth requires Cloudflare to connect to your origin server using a client certificate (Enterprise Only).
class ZonesTransformations: …Media Transformations provides on-demand resizing, conversion and optimization for images and video served through Cloudflare's network. Refer to the Image Transformations and Video Transformations documentation for more information.
Media Transformations provides on-demand resizing, conversion and optimization for images and video served through Cloudflare's network. Refer to the Image Transformations and Video Transformations documentation for more information.
ID of the zone setting. Shared between Image Transformations and Video Transformations.
class ZonesTransformationsAllowedOrigins: …Media Transformations Allowed Origins restricts transformations for images and video served through Cloudflare's network. Refer to the Image Transformations and Video Transformations documentation for more information.
Media Transformations Allowed Origins restricts transformations for images and video served through Cloudflare's network. Refer to the Image Transformations and Video Transformations documentation for more information.
class ZonesSchemasTrueClientIPHeader: …Allows customer to continue to use True Client IP (Akamai feature) in the headers we send to the origin. This is limited to Enterprise Zones.
Allows customer to continue to use True Client IP (Akamai feature) in the headers we send to the origin. This is limited to Enterprise Zones.
class ZonesSchemasWAF: …The WAF examines HTTP requests to your website. It inspects both GET and POST requests and applies rules to help filter out illegitimate traffic from legitimate website visitors. The Cloudflare WAF inspects website addresses or URLs to detect anything out of the ordinary. If the Cloudflare WAF determines suspicious user behavior, then the WAF will 'challenge' the web visitor with a page that asks them to submit a CAPTCHA successfully to continue their action. If the challenge is failed, the action will be stopped. What this means is that Cloudflare's WAF will block any traffic identified as illegitimate before it reaches your origin web server. (https://support.cloudflare.com/hc/en-us/articles/200172016).
The WAF examines HTTP requests to your website. It inspects both GET and POST requests and applies rules to help filter out illegitimate traffic from legitimate website visitors. The Cloudflare WAF inspects website addresses or URLs to detect anything out of the ordinary. If the Cloudflare WAF determines suspicious user behavior, then the WAF will 'challenge' the web visitor with a page that asks them to submit a CAPTCHA successfully to continue their action. If the challenge is failed, the action will be stopped. What this means is that Cloudflare's WAF will block any traffic identified as illegitimate before it reaches your origin web server. (https://support.cloudflare.com/hc/en-us/articles/200172016).
class WebP: …When the client requesting the image supports the WebP image codec, and WebP offers a performance advantage over the original image format, Cloudflare will serve a WebP version of the original image.
When the client requesting the image supports the WebP image codec, and WebP offers a performance advantage over the original image format, Cloudflare will serve a WebP version of the original image.
class Websocket: …WebSockets are open connections sustained between the client and the origin server. Inside a WebSockets connection, the client and the origin can pass data back and forth without having to reestablish sessions. This makes exchanging data within a WebSockets connection fast. WebSockets are often used for real-time applications such as live chat and gaming. For more information refer to Can I use Cloudflare with Websockets.
WebSockets are open connections sustained between the client and the origin server. Inside a WebSockets connection, the client and the origin can pass data back and forth without having to reestablish sessions. This makes exchanging data within a WebSockets connection fast. WebSockets are often used for real-time applications such as live chat and gaming. For more information refer to Can I use Cloudflare with Websockets.
ZonesCustom Nameservers
Get Account Custom Nameserver Related Zone Metadata
Set Account Custom Nameserver Related Zone Metadata
ZonesHolds
ZonesSubscriptions
Zone Subscription Details
Create Zone Subscription
Update Zone Subscription
ModelsExpand Collapse
class SubscriptionGetResponse: …
The end of the current period and also when the next billing is due.
When the current billing period started. May match initial_period_start if this is the first period.
class SubscriptionCreateResponse: …
The end of the current period and also when the next billing is due.
When the current billing period started. May match initial_period_start if this is the first period.
class SubscriptionUpdateResponse: …
The end of the current period and also when the next billing is due.
When the current billing period started. May match initial_period_start if this is the first period.
ZonesPlans
List Available Plans
Available Plan Details
ZonesRate Plans
List Available Rate Plans
ModelsExpand Collapse
class RatePlanGetResponse: …
components: Optional[List[Component]]Array of available components values for the plan.
Array of available components values for the plan.