Skip to content
Ruleset Engine
Visit Ruleset Engine on GitHub
Set theme to dark (⇧+D)

Create ruleset

Creates a ruleset of a given kind in the specified phase. Allows you to create phase entry point rulesets.

Use one of the following API endpoints:

OperationMethod + Endpoint
Create account rulesetPOST /accounts/{account-id}/rulesets
Create zone rulesetPOST /zones/{zone-id}/rulesets

The following parameters are required:

NameDescriptionValueNotes
nameA human-readable name for the ruleset.StringThe name is immutable. You cannot change it over the lifetime of the ruleset.
descriptionOptional description for the ruleset.StringYou can change the description over the lifetime of the ruleset.
kindThe kind of ruleset the JSON object represents.String

Allowed values:

  • custom - creates a custom ruleset
  • root - creates a phase entry point ruleset at the account level
  • zone - creates a phase entry point ruleset at the zone level

phaseThe name of the phase where the ruleset will be created.StringCheck the specific Cloudflare product documentation for more information on the phases where you can create rulesets for that product.

Use the rules parameter to supply a list of rules for the ruleset. For an object definition, refer to Rulesets API: JSON Object.

Example - Create a custom ruleset

The following example request creates a custom ruleset in the http_request_firewall_custom phase containing a single rule.

Request
curl -X POST \
-H "X-Auth-Email: user@example.com" \
-H "X-Auth-Key: REDACTED" \
"https://api.cloudflare.com/client/v4/accounts/{account-id}/rulesets" \
-d '{
"name": "Example custom ruleset",
"kind": "custom",
"description": "Example ruleset description",
"rules": [
{
"action": "log",
"expression": "cf.zone.name eq \"example.com\""
}
],
"phase": "http_request_firewall_custom"
}'
Response
{
"result": {
"id": "{ruleset-id}",
"name": "Example custom ruleset",
"description": "Example ruleset description",
"kind": "custom",
"version": "1",
"rules": [
{
"id": "{rule-id}",
"version": "1",
"action": "log",
"expression": "cf.zone.name eq \"example.com\"",
"last_updated": "2021-03-17T15:42:37.917815Z"
}
],
"last_updated": "2021-03-17T15:42:37.917815Z",
"phase": "http_request_firewall_custom"
},
"success": true,
"errors": [],
"messages": []
}

Example - Create a zone-level phase entry point ruleset

The following example request creates a zone-level phase entry point ruleset at the http_request_firewall_managed phase with a single rule that executes a Managed Ruleset.

Request
curl -X POST \
-H "X-Auth-Email: user@example.com" \
-H "X-Auth-Key: REDACTED" \
"https://api.cloudflare.com/client/v4/zones/{zone-id}/rulesets" \
-d '{
"name": "Zone-level phase entry point",
"kind": "zone",
"description": "This ruleset executes a Managed Ruleset.",
"rules": [
{
"action": "execute",
"expression": "true",
"action_parameters": {
"id": "{managed-ruleset-id}"
}
}
],
"phase": "http_request_firewall_managed"
}'
Response
{
"result": {
"id": "{ruleset-id}",
"name": "Zone-level phase entry point",
"description": "This ruleset executes a Managed Ruleset.",
"kind": "zone",
"version": "1",
"rules": [
{
"id": "{rule-id}",
"version": "1",
"action": "execute",
"expression": "true",
"action_parameters": {
"id": "{managed-ruleset-id}"
},
"last_updated": "2021-03-17T15:42:37.917815Z"
}
],
"last_updated": "2021-03-17T15:42:37.917815Z",
"phase": "http_request_firewall_managed"
},
"success": true,
"errors": [],
"messages": []
}