Skip to content
Cloudflare API
Start here
API Reference
Firewall
WAF
Packages
Rules

Update a WAF rule

Deprecated
client.Firewall.WAF.Packages.Rules.Edit(ctx, packageID, ruleID, params) (*WAFPackageRuleEditResponse, error)
PATCH/zones/{zone_id}/firewall/waf/packages/{package_id}/rules/{rule_id}

Updates a WAF rule. You can only update the mode/action of the rule.

Note: Applies only to the previous version of WAF managed rules.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Firewall Services Write
ParametersExpand Collapse
packageID string

Defines the unique identifier of a WAF package.

maxLength32
ruleID string

Defines the unique identifier of a WAF package.

maxLength32
params WAFPackageRuleEditParams
ZoneID param.Field[string]

Path param: Defines an identifier of a schema.

maxLength32
Mode param.Field[WAFPackageRuleEditParamsMode]Optional

Body param: Defines the mode/action of the rule when triggered. You must use a value from the allowed_modes array of the current rule.

const WAFPackageRuleEditParamsModeDefault WAFPackageRuleEditParamsMode = "default"
const WAFPackageRuleEditParamsModeDisable WAFPackageRuleEditParamsMode = "disable"
const WAFPackageRuleEditParamsModeSimulate WAFPackageRuleEditParamsMode = "simulate"
const WAFPackageRuleEditParamsModeBlock WAFPackageRuleEditParamsMode = "block"
const WAFPackageRuleEditParamsModeChallenge WAFPackageRuleEditParamsMode = "challenge"
const WAFPackageRuleEditParamsModeOn WAFPackageRuleEditParamsMode = "on"
const WAFPackageRuleEditParamsModeOff WAFPackageRuleEditParamsMode = "off"
ReturnsExpand Collapse
type WAFPackageRuleEditResponse interface{…}

When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the ‘sensitivity’ property of the WAF package.

One of the following:
type WAFPackageRuleEditResponseWAFManagedRulesAnomalyRule struct{…}

When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the ‘sensitivity’ property of the WAF package.

ID string

Defines the unique identifier of the WAF rule.

maxLength32
AllowedModes []AllowedModesAnomaly

Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules.

One of the following:
const AllowedModesAnomalyOn AllowedModesAnomaly = "on"
const AllowedModesAnomalyOff AllowedModesAnomaly = "off"
Description string

Defines the public description of the WAF rule.

Group WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

ID stringOptional

Defines the unique identifier of the rule group.

maxLength32
Name stringOptional

Defines the name of the rule group.

Mode AllowedModesAnomaly

Defines the mode anomaly. When set to on, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.

One of the following:
const AllowedModesAnomalyOn AllowedModesAnomaly = "on"
const AllowedModesAnomalyOff AllowedModesAnomaly = "off"
PackageID string

Defines the unique identifier of a WAF package.

maxLength32
Priority string

Defines the order in which the individual WAF rule is executed within its rule group.

type WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRule struct{…}

When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A ‘deny’ rule will immediately respond to the request based on the configured rule action/mode (for example, ‘block’) and no other rules will be processed.

ID string

Defines the unique identifier of the WAF rule.

maxLength32
AllowedModes []WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedMode

Defines the list of possible actions of the WAF rule when it is triggered.

One of the following:
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedModeDefault WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "default"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedModeDisable WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "disable"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedModeSimulate WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "simulate"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedModeBlock WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "block"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedModeChallenge WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "challenge"
DefaultMode WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleDefaultMode

Defines the default action/mode of a rule.

One of the following:
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleDefaultModeDisable WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleDefaultMode = "disable"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleDefaultModeSimulate WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleDefaultMode = "simulate"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleDefaultModeBlock WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleDefaultMode = "block"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleDefaultModeChallenge WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleDefaultMode = "challenge"
Description string

Defines the public description of the WAF rule.

Group WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

ID stringOptional

Defines the unique identifier of the rule group.

maxLength32
Name stringOptional

Defines the name of the rule group.

Mode WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleMode

Defines the action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.

One of the following:
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleModeDefault WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleMode = "default"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleModeDisable WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleMode = "disable"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleModeSimulate WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleMode = "simulate"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleModeBlock WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleMode = "block"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleModeChallenge WAFPackageRuleEditResponseWAFManagedRulesTraditionalDenyRuleMode = "challenge"
PackageID string

Defines the unique identifier of a WAF package.

maxLength32
Priority string

Defines the order in which the individual WAF rule is executed within its rule group.

type WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRule struct{…}

When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An ‘allow’ rule will immediately allow the request and no other rules will be processed.

ID string

Defines the unique identifier of the WAF rule.

maxLength32
AllowedModes []WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleAllowedMode

Defines the available modes for the current WAF rule.

One of the following:
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleAllowedModeOn WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleAllowedMode = "on"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleAllowedModeOff WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleAllowedMode = "off"
Description string

Defines the public description of the WAF rule.

Group WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

ID stringOptional

Defines the unique identifier of the rule group.

maxLength32
Name stringOptional

Defines the name of the rule group.

Mode WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleMode

When set to on, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.

One of the following:
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleModeOn WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleMode = "on"
const WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleModeOff WAFPackageRuleEditResponseWAFManagedRulesTraditionalAllowRuleMode = "off"
PackageID string

Defines the unique identifier of a WAF package.

maxLength32
Priority string

Defines the order in which the individual WAF rule is executed within its rule group.

Update a WAF rule

package main

import (
  "context"
  "fmt"

  "github.com/stainless-sdks/cloudflare-go"
  "github.com/stainless-sdks/cloudflare-go/firewall"
  "github.com/stainless-sdks/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  response, err := client.Firewall.WAF.Packages.Rules.Edit(
    context.TODO(),
    "a25a9a7e9c00afc1fb2e0245519d725b",
    "a25a9a7e9c00afc1fb2e0245519d725b",
    firewall.WAFPackageRuleEditParams{
      ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", response)
}

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "f939de3be84e66e757adcdcb87908023",
    "allowed_modes": [
      "on",
      "off"
    ],
    "description": "SQL injection prevention for SELECT statements",
    "group": {
      "id": "de677e5818985db1285d0e80225f06e5",
      "name": "Project Honey Pot"
    },
    "mode": "on",
    "package_id": "a25a9a7e9c00afc1fb2e0245519d725b",
    "priority": "priority"
  },
  "success": true
}
Returns Examples
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "f939de3be84e66e757adcdcb87908023",
    "allowed_modes": [
      "on",
      "off"
    ],
    "description": "SQL injection prevention for SELECT statements",
    "group": {
      "id": "de677e5818985db1285d0e80225f06e5",
      "name": "Project Honey Pot"
    },
    "mode": "on",
    "package_id": "a25a9a7e9c00afc1fb2e0245519d725b",
    "priority": "priority"
  },
  "success": true
}