API Reference

Firewall

WAF

Packages

Rules

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

List WAF rules

Deprecated

client.Firewall.WAF.Packages.Rules.List(ctx, packageID, params) (*V4PagePaginationArray[WAFPackageRuleListResponse], error)

GET/zones/{zone_id}/firewall/waf/packages/{package_id}/rules

Fetches WAF rules in a WAF package.

Note: Applies only to the previous version of WAF managed rules.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Firewall Services WriteFirewall Services Read

ParametersExpand Collapse

packageID string

Defines the unique identifier of a WAF package.

maxLength32

params WAFPackageRuleListParams

ZoneID param.Field[string]

Path param: Defines an identifier of a schema.

maxLength32

Description param.Field[string]Optional

Query param: Defines the public description of the WAF rule.

Direction param.Field[WAFPackageRuleListParamsDirection]Optional

Query param: Defines the direction used to sort returned rules.

const WAFPackageRuleListParamsDirectionAsc WAFPackageRuleListParamsDirection = "asc"

const WAFPackageRuleListParamsDirectionDesc WAFPackageRuleListParamsDirection = "desc"

GroupID param.Field[string]Optional

Query param: Defines the unique identifier of the rule group.

maxLength32

Match param.Field[WAFPackageRuleListParamsMatch]Optional

Query param: Defines the search requirements. When set to all, all the search requirements must match. When set to any, only one of the search requirements has to match.

const WAFPackageRuleListParamsMatchAny WAFPackageRuleListParamsMatch = "any"

const WAFPackageRuleListParamsMatchAll WAFPackageRuleListParamsMatch = "all"

Mode param.Field[WAFPackageRuleListParamsMode]Optional

Query param: Defines the action/mode a rule has been overridden to perform.

const WAFPackageRuleListParamsModeDis WAFPackageRuleListParamsMode = "DIS"

const WAFPackageRuleListParamsModeChl WAFPackageRuleListParamsMode = "CHL"

const WAFPackageRuleListParamsModeBlk WAFPackageRuleListParamsMode = "BLK"

const WAFPackageRuleListParamsModeSim WAFPackageRuleListParamsMode = "SIM"

Order param.Field[WAFPackageRuleListParamsOrder]Optional

Query param: Defines the field used to sort returned rules.

const WAFPackageRuleListParamsOrderPriority WAFPackageRuleListParamsOrder = "priority"

const WAFPackageRuleListParamsOrderGroupID WAFPackageRuleListParamsOrder = "group_id"

const WAFPackageRuleListParamsOrderDescription WAFPackageRuleListParamsOrder = "description"

Page param.Field[float64]Optional

Query param: Defines the page number of paginated results.

minimum1

PerPage param.Field[float64]Optional

Query param: Defines the number of rules per page.

maximum100

minimum5

Priority param.Field[string]Optional

Query param: Defines the order in which the individual WAF rule is executed within its rule group.

ReturnsExpand Collapse

type WAFPackageRuleListResponse interface{…}

When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the ‘sensitivity’ property of the WAF package.

One of the following:

type WAFPackageRuleListResponseWAFManagedRulesAnomalyRule struct{…}

When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the ‘sensitivity’ property of the WAF package.

ID string

Defines the unique identifier of the WAF rule.

maxLength32

AllowedModes []AllowedModesAnomaly

Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules.

One of the following:

const AllowedModesAnomalyOn AllowedModesAnomaly = "on"

const AllowedModesAnomalyOff AllowedModesAnomaly = "off"

Description string

Defines the public description of the WAF rule.

Group WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

ID stringOptional

Defines the unique identifier of the rule group.

maxLength32

Name stringOptional

Defines the name of the rule group.

Mode AllowedModesAnomaly

Defines the mode anomaly. When set to on, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.

One of the following:

const AllowedModesAnomalyOn AllowedModesAnomaly = "on"

const AllowedModesAnomalyOff AllowedModesAnomaly = "off"

PackageID string

Defines the unique identifier of a WAF package.

maxLength32

Priority string

Defines the order in which the individual WAF rule is executed within its rule group.

type WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRule struct{…}

When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A ‘deny’ rule will immediately respond to the request based on the configured rule action/mode (for example, ‘block’) and no other rules will be processed.

ID string

Defines the unique identifier of the WAF rule.

maxLength32

AllowedModes []WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedMode

Defines the list of possible actions of the WAF rule when it is triggered.

One of the following:

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedModeDefault WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "default"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedModeDisable WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "disable"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedModeSimulate WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "simulate"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedModeBlock WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "block"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedModeChallenge WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleAllowedMode = "challenge"

DefaultMode WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleDefaultMode

Defines the default action/mode of a rule.

One of the following:

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleDefaultModeDisable WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleDefaultMode = "disable"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleDefaultModeSimulate WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleDefaultMode = "simulate"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleDefaultModeBlock WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleDefaultMode = "block"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleDefaultModeChallenge WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleDefaultMode = "challenge"

Description string

Defines the public description of the WAF rule.

Group WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

ID stringOptional

Defines the unique identifier of the rule group.

maxLength32

Name stringOptional

Defines the name of the rule group.

Mode WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleMode

Defines the action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.

One of the following:

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleModeDefault WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleMode = "default"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleModeDisable WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleMode = "disable"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleModeSimulate WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleMode = "simulate"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleModeBlock WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleMode = "block"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleModeChallenge WAFPackageRuleListResponseWAFManagedRulesTraditionalDenyRuleMode = "challenge"

PackageID string

Defines the unique identifier of a WAF package.

maxLength32

Priority string

Defines the order in which the individual WAF rule is executed within its rule group.

type WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRule struct{…}

When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An ‘allow’ rule will immediately allow the request and no other rules will be processed.

ID string

Defines the unique identifier of the WAF rule.

maxLength32

AllowedModes []WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleAllowedMode

Defines the available modes for the current WAF rule.

One of the following:

const WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleAllowedModeOn WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleAllowedMode = "on"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleAllowedModeOff WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleAllowedMode = "off"

Description string

Defines the public description of the WAF rule.

Group WAFRuleGroup

Defines the rule group to which the current WAF rule belongs.

ID stringOptional

Defines the unique identifier of the rule group.

maxLength32

Name stringOptional

Defines the name of the rule group.

Mode WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleMode

When set to on, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.

One of the following:

const WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleModeOn WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleMode = "on"

const WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleModeOff WAFPackageRuleListResponseWAFManagedRulesTraditionalAllowRuleMode = "off"

PackageID string

Defines the unique identifier of a WAF package.

maxLength32

Priority string

Defines the order in which the individual WAF rule is executed within its rule group.

List WAF rules

Go

HTTP

TypeScript

Python

Go

Terraform

package main

import (
  "context"
  "fmt"

  "github.com/stainless-sdks/cloudflare-go"
  "github.com/stainless-sdks/cloudflare-go/firewall"
  "github.com/stainless-sdks/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  page, err := client.Firewall.WAF.Packages.Rules.List(
    context.TODO(),
    "a25a9a7e9c00afc1fb2e0245519d725b",
    firewall.WAFPackageRuleListParams{
      ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", page)
}

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "id": "f939de3be84e66e757adcdcb87908023",
      "allowed_modes": [
        "on",
        "off"
      ],
      "description": "SQL injection prevention for SELECT statements",
      "group": {
        "id": "de677e5818985db1285d0e80225f06e5",
        "name": "Project Honey Pot"
      },
      "mode": "on",
      "package_id": "a25a9a7e9c00afc1fb2e0245519d725b",
      "priority": "priority"
    }
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "id": "f939de3be84e66e757adcdcb87908023",
      "allowed_modes": [
        "on",
        "off"
      ],
      "description": "SQL injection prevention for SELECT statements",
      "group": {
        "id": "de677e5818985db1285d0e80225f06e5",
        "name": "Project Honey Pot"
      },
      "mode": "on",
      "package_id": "a25a9a7e9c00afc1fb2e0245519d725b",
      "priority": "priority"
    }
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000
  }
}