Cloudflare Docs
Visit Ruleset Engine on GitHub
Set theme to dark (⇧+D)

Add rule to ruleset

Adds a single rule to an existing ruleset. Use this endpoint to add a rule without having to include all the existing ruleset rules in the request.

Use one of the following API endpoints:

OperationMethod + Endpoint
Add an individual rule (account)POST /accounts/<ACCOUNT_ID>/rulesets/<RULESET_ID>/rules
Add an individual rule (zone)POST /zones/<ZONE_ID>/rulesets/<RULESET_ID>/rules

Invoking this method creates a new version of the ruleset.

Include the rule definition in the request body. The rule will be added to the end of the existing list of rules in the ruleset.


The following example adds a rule to ruleset <RULESET_ID> of zone <ZONE_ID>. The ruleset ID was previously obtained using the List rulesets operation, and corresponds to the entry point ruleset for the http_request_firewall_custom phase.

curl "<ZONE_ID>/rulesets/<RULESET_ID>/rules" \
-H "Authorization: Bearer <API_TOKEN>" \
-d '{
"action": "js_challenge",
"expression": "( eq \"GB\" or eq \"FR\") or cf.threat_score > 0",
"description": "challenge GB and FR or based on IP Reputation"

The response includes the complete ruleset after adding the rule.

"result": {
"id": "<RULESET_ID>",
"name": "Zone Ruleset 1",
"description": "My phase entry point ruleset at the zone level",
"kind": "zone",
"version": "11",
"rules": [
"id": "<RULE_ID_1>",
"version": "1",
"action": "challenge",
"expression": "not http.request.uri.path matches \"^/api/.*$\"",
"last_updated": "2020-11-23T11:36:24.192361Z",
"ref": "<RULE_REF_1>",
"enabled": true
"id": "<NEW_RULE_ID>",
"version": "1",
"action": "js_challenge",
"expression": "( eq \"GB\" or eq \"FR\") or cf.threat_score > 0",
"description": "challenge GB and FR or based on IP Reputation",
"last_updated": "2021-06-22T12:35:58.144683Z",
"ref": "<NEW_RULE_REF>",
"enabled": true
"last_updated": "2021-06-22T12:35:58.144683Z",
"phase": "http_request_firewall_custom"
"success": true,
"errors": [],
"messages": []