API Reference

Rulesets

Phases

Versions

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Get an account or zone entry point ruleset version

client.Rulesets.Phases.Versions.Get(ctx, rulesetPhase, rulesetVersion, query) (*PhaseVersionGetResponse, error)

GET/{accounts_or_zones}/{account_or_zone_id}/rulesets/phases/{ruleset_phase}/entrypoint/versions/{ruleset_version}

Fetches a specific version of an account or zone entry point ruleset.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Mass URL Redirects WriteMass URL Redirects ReadMagic Firewall WriteMagic Firewall ReadL4 DDoS Managed Ruleset WriteL4 DDoS Managed Ruleset ReadTransform Rules WriteTransform Rules ReadSelect Configuration WriteSelect Configuration ReadAccount WAF WriteAccount WAF ReadAccount Rulesets ReadAccount Rulesets WriteLogs WriteLogs Read

ParametersExpand Collapse

RulesetPhase Phase

The phase of the ruleset.

One of the following:

const PhaseDDoSL4 Phase = "ddos_l4"

const PhaseDDoSL7 Phase = "ddos_l7"

const PhaseHTTPConfigSettings Phase = "http_config_settings"

const PhaseHTTPCustomErrors Phase = "http_custom_errors"

const PhaseHTTPLogCustomFields Phase = "http_log_custom_fields"

const PhaseHTTPRatelimit Phase = "http_ratelimit"

const PhaseHTTPRequestCacheSettings Phase = "http_request_cache_settings"

const PhaseHTTPRequestDynamicRedirect Phase = "http_request_dynamic_redirect"

const PhaseHTTPRequestFirewallCustom Phase = "http_request_firewall_custom"

const PhaseHTTPRequestFirewallManaged Phase = "http_request_firewall_managed"

const PhaseHTTPRequestLateTransform Phase = "http_request_late_transform"

const PhaseHTTPRequestOrigin Phase = "http_request_origin"

const PhaseHTTPRequestRedirect Phase = "http_request_redirect"

const PhaseHTTPRequestSanitize Phase = "http_request_sanitize"

const PhaseHTTPRequestSBFM Phase = "http_request_sbfm"

const PhaseHTTPRequestTransform Phase = "http_request_transform"

const PhaseHTTPResponseCacheSettings Phase = "http_response_cache_settings"

const PhaseHTTPResponseCompression Phase = "http_response_compression"

const PhaseHTTPResponseFirewallManaged Phase = "http_response_firewall_managed"

const PhaseHTTPResponseHeadersTransform Phase = "http_response_headers_transform"

const PhaseMagicTransit Phase = "magic_transit"

const PhaseMagicTransitIDsManaged Phase = "magic_transit_ids_managed"

const PhaseMagicTransitManaged Phase = "magic_transit_managed"

const PhaseMagicTransitRatelimit Phase = "magic_transit_ratelimit"

rulesetVersion string

The version of the ruleset.

query PhaseVersionGetParams

AccountID param.Field[string]Optional

The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.

ZoneID param.Field[string]Optional

The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.

ReturnsExpand Collapse

type PhaseVersionGetResponse struct{…}

A ruleset object.

ID string

The unique ID of the ruleset.

Kind Kind

The kind of the ruleset.

One of the following:

const KindManaged Kind = "managed"

const KindCustom Kind = "custom"

const KindRoot Kind = "root"

const KindZone Kind = "zone"

LastUpdated Time

The timestamp of when the ruleset was last modified.

formatdate-time

Name string

The human-readable name of the ruleset.

minLength1

Phase Phase

The phase of the ruleset.

One of the following:

const PhaseDDoSL4 Phase = "ddos_l4"

const PhaseDDoSL7 Phase = "ddos_l7"

const PhaseHTTPConfigSettings Phase = "http_config_settings"

const PhaseHTTPCustomErrors Phase = "http_custom_errors"

const PhaseHTTPLogCustomFields Phase = "http_log_custom_fields"

const PhaseHTTPRatelimit Phase = "http_ratelimit"

const PhaseHTTPRequestCacheSettings Phase = "http_request_cache_settings"

const PhaseHTTPRequestDynamicRedirect Phase = "http_request_dynamic_redirect"

const PhaseHTTPRequestFirewallCustom Phase = "http_request_firewall_custom"

const PhaseHTTPRequestFirewallManaged Phase = "http_request_firewall_managed"

const PhaseHTTPRequestLateTransform Phase = "http_request_late_transform"

const PhaseHTTPRequestOrigin Phase = "http_request_origin"

const PhaseHTTPRequestRedirect Phase = "http_request_redirect"

const PhaseHTTPRequestSanitize Phase = "http_request_sanitize"

const PhaseHTTPRequestSBFM Phase = "http_request_sbfm"

const PhaseHTTPRequestTransform Phase = "http_request_transform"

const PhaseHTTPResponseCacheSettings Phase = "http_response_cache_settings"

const PhaseHTTPResponseCompression Phase = "http_response_compression"

const PhaseHTTPResponseFirewallManaged Phase = "http_response_firewall_managed"

const PhaseHTTPResponseHeadersTransform Phase = "http_response_headers_transform"

const PhaseMagicTransit Phase = "magic_transit"

const PhaseMagicTransitIDsManaged Phase = "magic_transit_ids_managed"

const PhaseMagicTransitManaged Phase = "magic_transit_managed"

const PhaseMagicTransitRatelimit Phase = "magic_transit_ratelimit"

Rules []PhaseVersionGetResponseRule

The list of rules in the ruleset.

One of the following:

type BlockRule struct{…}

LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time

Version string

The version of the rule.

ID stringOptional

The unique ID of the rule.

Action BlockRuleActionOptional

The action to perform when the rule matches.

ActionParameters BlockRuleActionParametersOptional

The parameters configuring the rule’s action.

Response BlockRuleActionParametersResponseOptional

The response to show when the block is applied.

Content string

The content to return.

minLength1

ContentType string

The type of the content to return.

minLength1

StatusCode int64

The status code to return.

maximum499

minimum400

Categories []stringOptional

The categories of the rule.

Description stringOptional

An informative description of the rule.

Enabled boolOptional

Whether the rule should be executed.

ExposedCredentialCheck BlockRuleExposedCredentialCheckOptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1

UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1

Expression stringOptional

The expression defining which traffic will match the rule.

minLength1

Logging LoggingOptional

An object configuring the rule’s logging behavior.

Enabled bool

Whether to generate a log when the rule matches.

Ratelimit BlockRuleRatelimitOptional

An object configuring the rule’s rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0

CountingExpression stringOptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule’s expression.

minLength1

MitigationTimeout int64Optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64Optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1

RequestsToOrigin boolOptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64Optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringOptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1

Ref stringOptional

The reference of the rule (the rule’s ID by default).

minLength1

type PhaseVersionGetResponseRulesRulesetsChallengeRule struct{…}

LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time

Version string

The version of the rule.

ID stringOptional

The unique ID of the rule.

Action PhaseVersionGetResponseRulesRulesetsChallengeRuleActionOptional

The action to perform when the rule matches.

ActionParameters unknownOptional

The parameters configuring the rule’s action.

Categories []stringOptional

The categories of the rule.

Description stringOptional

An informative description of the rule.

Enabled boolOptional

Whether the rule should be executed.

ExposedCredentialCheck PhaseVersionGetResponseRulesRulesetsChallengeRuleExposedCredentialCheckOptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1

UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1

Expression stringOptional

The expression defining which traffic will match the rule.

minLength1

Logging LoggingOptional

An object configuring the rule’s logging behavior.

Enabled bool

Whether to generate a log when the rule matches.

Ratelimit PhaseVersionGetResponseRulesRulesetsChallengeRuleRatelimitOptional

An object configuring the rule’s rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0

CountingExpression stringOptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule’s expression.

minLength1

MitigationTimeout int64Optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64Optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1

RequestsToOrigin boolOptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64Optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringOptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1

Ref stringOptional

The reference of the rule (the rule’s ID by default).

minLength1

type CompressResponseRule struct{…}

LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time

Version string

The version of the rule.

ID stringOptional

The unique ID of the rule.

Action CompressResponseRuleActionOptional

The action to perform when the rule matches.

ActionParameters CompressResponseRuleActionParametersOptional

The parameters configuring the rule’s action.

Algorithms []CompressResponseRuleActionParametersAlgorithm

Custom order for compression algorithms.

Name CompressResponseRuleActionParametersAlgorithmsNameOptional

Name of the compression algorithm to enable.

One of the following:

const CompressResponseRuleActionParametersAlgorithmsNameNone CompressResponseRuleActionParametersAlgorithmsName = "none"

const CompressResponseRuleActionParametersAlgorithmsNameAuto CompressResponseRuleActionParametersAlgorithmsName = "auto"

const CompressResponseRuleActionParametersAlgorithmsNameDefault CompressResponseRuleActionParametersAlgorithmsName = "default"

const CompressResponseRuleActionParametersAlgorithmsNameGzip CompressResponseRuleActionParametersAlgorithmsName = "gzip"

const CompressResponseRuleActionParametersAlgorithmsNameBrotli CompressResponseRuleActionParametersAlgorithmsName = "brotli"

const CompressResponseRuleActionParametersAlgorithmsNameZstd CompressResponseRuleActionParametersAlgorithmsName = "zstd"

Categories []stringOptional

The categories of the rule.

Description stringOptional

An informative description of the rule.

Enabled boolOptional

Whether the rule should be executed.

ExposedCredentialCheck CompressResponseRuleExposedCredentialCheckOptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1

UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1

Expression stringOptional

The expression defining which traffic will match the rule.

minLength1

Logging LoggingOptional

An object configuring the rule’s logging behavior.

Enabled bool

Whether to generate a log when the rule matches.

Ratelimit CompressResponseRuleRatelimitOptional

An object configuring the rule’s rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0

CountingExpression stringOptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule’s expression.

minLength1

MitigationTimeout int64Optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64Optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1

RequestsToOrigin boolOptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64Optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringOptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1

Ref stringOptional

The reference of the rule (the rule’s ID by default).

minLength1

type DDoSDynamicRule struct{…}

LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time

Version string

The version of the rule.

ID stringOptional

The unique ID of the rule.

Action DDoSDynamicRuleActionOptional

The action to perform when the rule matches.

ActionParameters unknownOptional

The parameters configuring the rule’s action.

Categories []stringOptional

The categories of the rule.

Description stringOptional

An informative description of the rule.

Enabled boolOptional

Whether the rule should be executed.

ExposedCredentialCheck DDoSDynamicRuleExposedCredentialCheckOptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1

UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1

Expression stringOptional

The expression defining which traffic will match the rule.

minLength1

Logging LoggingOptional

An object configuring the rule’s logging behavior.

Enabled bool

Whether to generate a log when the rule matches.

Ratelimit DDoSDynamicRuleRatelimitOptional

An object configuring the rule’s rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0

CountingExpression stringOptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule’s expression.

minLength1

MitigationTimeout int64Optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64Optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1

RequestsToOrigin boolOptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64Optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringOptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1

Ref stringOptional

The reference of the rule (the rule’s ID by default).

minLength1

type ExecuteRule struct{…}

LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time

Version string

The version of the rule.

ID stringOptional

The unique ID of the rule.

Action ExecuteRuleActionOptional

The action to perform when the rule matches.

ActionParameters ExecuteRuleActionParametersOptional

The parameters configuring the rule’s action.

ID string

The ID of the ruleset to execute.

MatchedData ExecuteRuleActionParametersMatchedDataOptional

The configuration to use for matched data logging.

PublicKey string

The public key to encrypt matched data logs with.

minLength1

Overrides ExecuteRuleActionParametersOverridesOptional

A set of overrides to apply to the target ruleset.

Action stringOptional

An action to override all rules with. This option has lower precedence than rule and category overrides.

Categories []ExecuteRuleActionParametersOverridesCategoryOptional

A list of category-level overrides. This option has the second-highest precedence after rule-level overrides.

Category string

The name of the category to override.

minLength1

Action stringOptional

The action to override rules in the category with.

Enabled boolOptional

Whether to enable execution of rules in the category.

SensitivityLevel ExecuteRuleActionParametersOverridesCategoriesSensitivityLevelOptional

The sensitivity level to use for rules in the category. This option is only applicable for DDoS phases.

One of the following:

const ExecuteRuleActionParametersOverridesCategoriesSensitivityLevelDefault ExecuteRuleActionParametersOverridesCategoriesSensitivityLevel = "default"

const ExecuteRuleActionParametersOverridesCategoriesSensitivityLevelMedium ExecuteRuleActionParametersOverridesCategoriesSensitivityLevel = "medium"

const ExecuteRuleActionParametersOverridesCategoriesSensitivityLevelLow ExecuteRuleActionParametersOverridesCategoriesSensitivityLevel = "low"

const ExecuteRuleActionParametersOverridesCategoriesSensitivityLevelEoff ExecuteRuleActionParametersOverridesCategoriesSensitivityLevel = "eoff"

Enabled boolOptional

Whether to enable execution of all rules. This option has lower precedence than rule and category overrides.

Rules []ExecuteRuleActionParametersOverridesRuleOptional

A list of rule-level overrides. This option has the highest precedence.

ID string

The ID of the rule to override.

Action stringOptional

The action to override the rule with.

Enabled boolOptional

Whether to enable execution of the rule.

ScoreThreshold int64Optional

The score threshold to use for the rule.

SensitivityLevel ExecuteRuleActionParametersOverridesRulesSensitivityLevelOptional

The sensitivity level to use for the rule. This option is only applicable for DDoS phases.

One of the following:

const ExecuteRuleActionParametersOverridesRulesSensitivityLevelDefault ExecuteRuleActionParametersOverridesRulesSensitivityLevel = "default"

const ExecuteRuleActionParametersOverridesRulesSensitivityLevelMedium ExecuteRuleActionParametersOverridesRulesSensitivityLevel = "medium"

const ExecuteRuleActionParametersOverridesRulesSensitivityLevelLow ExecuteRuleActionParametersOverridesRulesSensitivityLevel = "low"

const ExecuteRuleActionParametersOverridesRulesSensitivityLevelEoff ExecuteRuleActionParametersOverridesRulesSensitivityLevel = "eoff"

SensitivityLevel ExecuteRuleActionParametersOverridesSensitivityLevelOptional

A sensitivity level to set for all rules. This option has lower precedence than rule and category overrides and is only applicable for DDoS phases.

One of the following:

const ExecuteRuleActionParametersOverridesSensitivityLevelDefault ExecuteRuleActionParametersOverridesSensitivityLevel = "default"

const ExecuteRuleActionParametersOverridesSensitivityLevelMedium ExecuteRuleActionParametersOverridesSensitivityLevel = "medium"

const ExecuteRuleActionParametersOverridesSensitivityLevelLow ExecuteRuleActionParametersOverridesSensitivityLevel = "low"

const ExecuteRuleActionParametersOverridesSensitivityLevelEoff ExecuteRuleActionParametersOverridesSensitivityLevel = "eoff"

Categories []stringOptional

The categories of the rule.

Description stringOptional

An informative description of the rule.

Enabled boolOptional

Whether the rule should be executed.

ExposedCredentialCheck ExecuteRuleExposedCredentialCheckOptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1

UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1

Expression stringOptional

The expression defining which traffic will match the rule.

minLength1

Logging LoggingOptional

An object configuring the rule’s logging behavior.

Enabled bool

Whether to generate a log when the rule matches.

Ratelimit ExecuteRuleRatelimitOptional

An object configuring the rule’s rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0

CountingExpression stringOptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule’s expression.

minLength1

MitigationTimeout int64Optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64Optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1

RequestsToOrigin boolOptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64Optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringOptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1

Ref stringOptional

The reference of the rule (the rule’s ID by default).

minLength1

type ForceConnectionCloseRule struct{…}

LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time

Version string

The version of the rule.

ID stringOptional

The unique ID of the rule.

Action ForceConnectionCloseRuleActionOptional

The action to perform when the rule matches.

ActionParameters unknownOptional

The parameters configuring the rule’s action.

Categories []stringOptional

The categories of the rule.

Description stringOptional

An informative description of the rule.

Enabled boolOptional

Whether the rule should be executed.

ExposedCredentialCheck ForceConnectionCloseRuleExposedCredentialCheckOptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1

UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1

Expression stringOptional

The expression defining which traffic will match the rule.

minLength1

Logging LoggingOptional

An object configuring the rule’s logging behavior.

Enabled bool

Whether to generate a log when the rule matches.

Ratelimit ForceConnectionCloseRuleRatelimitOptional

An object configuring the rule’s rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0

CountingExpression stringOptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule’s expression.

minLength1

MitigationTimeout int64Optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64Optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1

RequestsToOrigin boolOptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64Optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringOptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1

Ref stringOptional

The reference of the rule (the rule’s ID by default).

minLength1

type PhaseVersionGetResponseRulesRulesetsJSChallengeRule struct{…}

LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time

Version string

The version of the rule.

ID stringOptional

The unique ID of the rule.

Action PhaseVersionGetResponseRulesRulesetsJSChallengeRuleActionOptional

The action to perform when the rule matches.

ActionParameters unknownOptional

The parameters configuring the rule’s action.

Categories []stringOptional

The categories of the rule.

Description stringOptional

An informative description of the rule.

Enabled boolOptional

Whether the rule should be executed.

ExposedCredentialCheck PhaseVersionGetResponseRulesRulesetsJSChallengeRuleExposedCredentialCheckOptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1

UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1

Expression stringOptional

The expression defining which traffic will match the rule.

minLength1

Logging LoggingOptional

An object configuring the rule’s logging behavior.

Enabled bool

Whether to generate a log when the rule matches.

Ratelimit PhaseVersionGetResponseRulesRulesetsJSChallengeRuleRatelimitOptional

An object configuring the rule’s rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0

CountingExpression stringOptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule’s expression.

minLength1

MitigationTimeout int64Optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64Optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1

RequestsToOrigin boolOptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64Optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringOptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1

Ref stringOptional

The reference of the rule (the rule’s ID by default).

minLength1

type LogRule struct{…}

LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time

Version string

The version of the rule.

ID stringOptional

The unique ID of the rule.

Action LogRuleActionOptional

The action to perform when the rule matches.

ActionParameters unknownOptional

The parameters configuring the rule’s action.

Categories []stringOptional

The categories of the rule.

Description stringOptional

An informative description of the rule.

Enabled boolOptional

Whether the rule should be executed.

ExposedCredentialCheck LogRuleExposedCredentialCheckOptional

Configuration for exposed credential checking.

PasswordExpression string

An expression that selects the password used in the credentials check.

minLength1

UsernameExpression string

An expression that selects the user ID used in the credentials check.

minLength1

Expression stringOptional

The expression defining which traffic will match the rule.

minLength1

Logging LoggingOptional

An object configuring the rule’s logging behavior.

Enabled bool

Whether to generate a log when the rule matches.

Ratelimit LogRuleRatelimitOptional

An object configuring the rule’s rate limit behavior.

Characteristics []string

Characteristics of the request on which the rate limit counter will be incremented.

Period int64

Period in seconds over which the counter is being incremented.

minimum0

CountingExpression stringOptional

An expression that defines when the rate limit counter should be incremented. It defaults to the same as the rule’s expression.

minLength1

MitigationTimeout int64Optional

Period of time in seconds after which the action will be disabled following its first execution.

RequestsPerPeriod int64Optional

The threshold of requests per period after which the action will be executed for the first time.

minimum1

RequestsToOrigin boolOptional

Whether counting is only performed when an origin is reached.

ScorePerPeriod int64Optional

The score threshold per period for which the action will be executed the first time.

ScoreResponseHeaderName stringOptional

A response header name provided by the origin, which contains the score to increment rate limit counter with.

minLength1

Ref stringOptional

The reference of the rule (the rule’s ID by default).

minLength1

type LogCustomFieldRule struct{…}

LastUpdated Time

The timestamp of when the rule was last modified.

formatdate-time

Version string

The version of the rule.

ID stringOptional

The unique ID of the rule.

Action LogCustomFieldRuleActionOptional

The action to perform when the rule matches.

ActionParameters LogCustomFieldRuleActionParametersOptional

The parameters configuring the rule’s action.

CookieFields []LogCustomFieldRuleActionParametersCookieFieldOptional

The cookie fields to log.

Name string

The name of the cookie.

minLength1

RawResponseFields []LogCustomFieldRuleActionParametersRawResponseFieldOptional

The raw response fields to log.

Name string

The name of the response header.

minLength1

PreserveDuplicates boolOptional

Whether to log duplicate values of the same header.

RequestFields []LogCustomFieldRuleActionParametersRequestFieldOptional

The raw request fields to log.

Name string

The name of the header.

minLength1

ResponseFields []LogCustomFieldRuleActionParametersResponseFieldOptional

The transformed response fields to log.

Name string

The name of the response header.

minLength1