API Reference

Firewall

WAF

Overrides

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Update WAF override

Deprecated

client.Firewall.WAF.Overrides.Update(ctx, overridesID, params) (*Override, error)

PUT/zones/{zone_id}/firewall/waf/overrides/{overrides_id}

Updates an existing URI-based WAF override.

Note: Applies only to the previous version of WAF managed rules.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Zone Settings Write

ParametersExpand Collapse

overridesID string

The unique identifier of the WAF override.

maxLength32

params WAFOverrideUpdateParams

ZoneID param.Field[string]

Path param: Defines an identifier.

maxLength32

ID param.Field[string]

Body param: Defines an identifier.

maxLength32

RewriteAction param.Field[RewriteAction]

Body param: Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object.

Rules param.Field[WAFRule]

Body param: An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a groups object or a rules object.

URLs param.Field[[]OverrideURL]

Body param: The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns.

ReturnsExpand Collapse

type Override struct{…}

ID stringOptional

The unique identifier of the WAF override.

maxLength32

Description stringOptional

An informative summary of the current URI-based WAF override.

maxLength1024

Groups map[string, unknown]Optional

An object that allows you to enable or disable WAF rule groups for the current WAF override. Each key of this object must be the ID of a WAF rule group, and each value must be a valid WAF action (usually default or disable). When creating a new URI-based WAF override, you must provide a groups object or a rules object.

Paused boolOptional

When true, indicates that the rule is currently paused.

Priority float64Optional

The relative priority of the current URI-based WAF override when multiple overrides match a single URL. A lower number indicates higher priority. Higher priority overrides may overwrite values set by lower priority overrides.

maximum1000000000

minimum-1000000000

RewriteAction RewriteActionOptional

Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object.

Block RewriteActionBlockOptional

The WAF rule action to apply.

One of the following:

const RewriteActionBlockChallenge RewriteActionBlock = "challenge"

const RewriteActionBlockBlock RewriteActionBlock = "block"

const RewriteActionBlockSimulate RewriteActionBlock = "simulate"

const RewriteActionBlockDisable RewriteActionBlock = "disable"

const RewriteActionBlockDefault RewriteActionBlock = "default"

Challenge RewriteActionChallengeOptional

The WAF rule action to apply.

One of the following:

const RewriteActionChallengeChallenge RewriteActionChallenge = "challenge"

const RewriteActionChallengeBlock RewriteActionChallenge = "block"

const RewriteActionChallengeSimulate RewriteActionChallenge = "simulate"

const RewriteActionChallengeDisable RewriteActionChallenge = "disable"

const RewriteActionChallengeDefault RewriteActionChallenge = "default"

Default RewriteActionDefaultOptional

The WAF rule action to apply.

One of the following:

const RewriteActionDefaultChallenge RewriteActionDefault = "challenge"

const RewriteActionDefaultBlock RewriteActionDefault = "block"

const RewriteActionDefaultSimulate RewriteActionDefault = "simulate"

const RewriteActionDefaultDisable RewriteActionDefault = "disable"

const RewriteActionDefaultDefault RewriteActionDefault = "default"

Disable RewriteActionDisableOptional

The WAF rule action to apply.

One of the following:

const RewriteActionDisableChallenge RewriteActionDisable = "challenge"

const RewriteActionDisableBlock RewriteActionDisable = "block"

const RewriteActionDisableSimulate RewriteActionDisable = "simulate"

const RewriteActionDisableDisable RewriteActionDisable = "disable"

const RewriteActionDisableDefault RewriteActionDisable = "default"

Simulate RewriteActionSimulateOptional

The WAF rule action to apply.

One of the following:

const RewriteActionSimulateChallenge RewriteActionSimulate = "challenge"

const RewriteActionSimulateBlock RewriteActionSimulate = "block"

const RewriteActionSimulateSimulate RewriteActionSimulate = "simulate"

const RewriteActionSimulateDisable RewriteActionSimulate = "disable"

const RewriteActionSimulateDefault RewriteActionSimulate = "default"

Rules WAFRuleOptional

An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a groups object or a rules object.

One of the following:

const WAFRuleItemChallenge WAFRuleItem = "challenge"

const WAFRuleItemBlock WAFRuleItem = "block"

const WAFRuleItemSimulate WAFRuleItem = "simulate"

const WAFRuleItemDisable WAFRuleItem = "disable"

const WAFRuleItemDefault WAFRuleItem = "default"

URLs []OverrideURLOptional

The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns.

Update WAF override

Go

HTTP

TypeScript

Python

Go

Terraform

package main

import (
  "context"
  "fmt"

  "github.com/stainless-sdks/cloudflare-go"
  "github.com/stainless-sdks/cloudflare-go/firewall"
  "github.com/stainless-sdks/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  override, err := client.Firewall.WAF.Overrides.Update(
    context.TODO(),
    "de677e5818985db1285d0e80225f06e5",
    firewall.WAFOverrideUpdateParams{
      ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
      ID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
      RewriteAction: cloudflare.F(firewall.RewriteActionParam{

      }),
      Rules: cloudflare.F(firewall.WAFRuleParam{
      "100015": firewall.WAFRuleItemDisable,
      }),
      URLs: cloudflare.F([]firewall.OverrideURLParam{"shop.example.com/*"}),
    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", override.ID)
}

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "de677e5818985db1285d0e80225f06e5",
    "description": "Enable Cloudflare Magento ruleset for shop.example.com",
    "groups": {
      "ea8687e59929c1fd05ba97574ad43f77": "bar"
    },
    "paused": true,
    "priority": 1,
    "rewrite_action": {
      "block": "challenge",
      "challenge": "challenge",
      "default": "challenge",
      "disable": "challenge",
      "simulate": "challenge"
    },
    "rules": {
      "100015": "disable"
    },
    "urls": [
      "shop.example.com/*"
    ]
  },
  "success": true
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "de677e5818985db1285d0e80225f06e5",
    "description": "Enable Cloudflare Magento ruleset for shop.example.com",
    "groups": {
      "ea8687e59929c1fd05ba97574ad43f77": "bar"
    },
    "paused": true,
    "priority": 1,
    "rewrite_action": {
      "block": "challenge",
      "challenge": "challenge",
      "default": "challenge",
      "disable": "challenge",
      "simulate": "challenge"
    },
    "rules": {
      "100015": "disable"
    },
    "urls": [
      "shop.example.com/*"
    ]
  },
  "success": true
}