Edit rule expressions
In the Cloudflare dashboard, there are two options for editing expressions:
- Expression Builder: Allows you to create expressions using drop-down lists, emphasizing a visual approach to defining an expression.
- Expression Editor: A text-only interface that supports advanced features, such as grouping symbols and functions for transforming and validating values.
In general, you can switch back and forth between the Expression Builder and the Expression Editor. However, the Expression Builder does not support nested expressions.
The Expression Builder allows you to visually create rule expressions by using drop-down lists and entering field values to define one or multiple sub-expressions.
The Expression Preview displays the expression in text:
(ip.geoip.country ne "GB")
The Expression Editor is a text-only interface for defining rule expressions that supports the entire specification of Cloudflare’s Rules language, including parentheses as grouping symbols.
To access the Expression Editor, select Edit expression in the Create firewall rule page:
To switch back from the Expression Editor to the Expression Builder, select Use expression builder.
Create nested expressions
The Expression Editor supports parentheses as grouping symbols. Use parentheses to explicitly group and nest expressions and, in turn, create highly targeted expressions.
The following rule expression example challenges any visitor who is not from Malaysia and tries to access WordPress URI paths.
((http.request.uri.path contains "/xmlrpc.php") or (http.request.uri.pathcontains "/wp-login.php") or (http.request.uri.path contains "/wp-admin/"and not http.request.uri.path contains "/wp-admin/admin-ajax.php" and nothttp.request.uri.path contains "/wp-admin/theme-editor.php")) andip.geoip.country ne "MY"
Only the Expression Editor supports nested expressions such as the one above. If you create a rule with nested expressions in the Expression Editor and try to switch to the Expression Builder, a dialog will warn you that the expression is not supported in the builder. You will be prompted to Discard changes and switch to the Expression Builder or Cancel and continue working in the editor.
Cloudflare validates all expressions before saving them, so if your expression has errors, you will receive an error message in the Cloudflare dashboard, similar to the following:
Filter parsing error (1:313): ((http.request.uri.path contains"/xmlrpc.php") or (http.request.uri.path contains "/wp-login.php") or(http.request.uri.path contains "/wp-admin/" and nothttp.request.uri.path contains "/wp-admin/admin-ajax.php" and nothttp.request.uri.path contains "/wp-admin/theme-editor.php")) andip.geoip.country ne "MY") ^ unrecognised input