Updates a WAF package. You can update the sensitivity and the action of an anomaly detection WAF package. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/).
/zones/{zone_identifier}/firewall/waf/packages/{identifier}
patch
WAF packages
waf-packages-update-a-waf-package
{
"business": true,
"enterprise": true,
"free": false,
"pro": true
}null[
{
"in": "path",
"name": "identifier",
"required": true,
"schema": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
},
{
"in": "path",
"name": "zone_identifier",
"required": true,
"schema": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
}
]{
"content": {
"application/json": {
"schema": {
"properties": {
"action_mode": {
"default": "challenge",
"description": "The default action performed by the rules in the WAF package.",
"enum": [
"simulate",
"block",
"challenge"
],
"type": "string"
},
"sensitivity": {
"default": "high",
"description": "The sensitivity of the WAF package.",
"enum": [
"high",
"medium",
"low",
"off"
],
"type": "string"
}
},
"type": "object"
}
}
},
"required": true
}{
"200": {
"content": {
"application/json": {
"schema": {
"allOf": [
{
"oneOf": [
{
"allOf": [
{
"properties": {
"errors": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"messages": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"result": {
"anyOf": [
{
"type": "object"
},
{
"items": {},
"type": "array"
},
{
"type": "string"
}
]
},
"success": {
"description": "Whether the API call was successful",
"enum": [
true
],
"example": true,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
},
{
"properties": {
"result": {
"anyOf": [
{
"type": "object"
},
{
"type": "string"
}
],
"nullable": true
}
}
}
],
"type": "object"
},
{
"properties": {
"result": {
"type": "object"
}
}
}
]
},
{
"properties": {
"result": {
"allOf": [
{
"properties": {
"description": {
"description": "A summary of the purpose/function of the WAF package.",
"example": "null",
"readOnly": true,
"type": "string"
},
"detection_mode": {
"description": "The mode that defines how rules within the package are evaluated during the course of a request. When a package uses anomaly detection mode (`anomaly` value), each rule is given a score when triggered. If the total score of all triggered rules exceeds the sensitivity defined in the WAF package, the action configured in the package will be performed. Traditional detection mode (`traditional` value) will decide the action to take when it is triggered by the request. If multiple rules are triggered, the action providing the highest protection will be applied (for example, a 'block' action will win over a 'challenge' action).",
"enum": [
"anomaly",
"traditional"
],
"example": "traditional",
"readOnly": true,
"type": "string"
},
"id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the WAF package.",
"example": "USER",
"readOnly": true,
"type": "string"
},
"status": {
"default": "active",
"description": "When set to `active`, indicates that the WAF package will be applied to the zone.",
"enum": [
"active"
],
"readOnly": true,
"type": "string"
},
"zone_id": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
},
"required": [
"id",
"name",
"description",
"detection_mode",
"zone_id"
],
"title": "Traditional WAF package"
},
{
"properties": {
"action_mode": {
"default": "challenge",
"description": "The default action performed by the rules in the WAF package.",
"enum": [
"simulate",
"block",
"challenge"
],
"type": "string"
},
"description": {
"description": "A summary of the purpose/function of the WAF package.",
"example": "Covers OWASP Top 10 vulnerabilities and more.",
"readOnly": true,
"type": "string"
},
"detection_mode": {
"description": "When a WAF package uses anomaly detection, each rule is given a score when triggered. If the total score of all triggered rules exceeds the sensitivity defined on the WAF package, the action defined on the package will be taken.",
"example": "anomaly",
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the WAF package.",
"example": "OWASP ModSecurity Core Rule Set",
"readOnly": true,
"type": "string"
},
"sensitivity": {
"default": "high",
"description": "The sensitivity of the WAF package.",
"enum": [
"high",
"medium",
"low",
"off"
],
"type": "string"
}
}
}
],
"required": [
"id",
"name",
"description",
"zone_id",
"detection_mode",
"sensitivity",
"action_mode"
],
"title": "Anomaly detection WAF package (OWASP)"
}
}
}
]
}
}
},
"description": "Update a WAF package response"
},
"4xx": {
"content": {
"application/json": {
"schema": {
"allOf": [
{
"allOf": [
{
"oneOf": [
{
"allOf": [
{
"properties": {
"errors": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"messages": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"result": {
"anyOf": [
{
"type": "object"
},
{
"items": {},
"type": "array"
},
{
"type": "string"
}
]
},
"success": {
"description": "Whether the API call was successful",
"enum": [
true
],
"example": true,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
},
{
"properties": {
"result": {
"anyOf": [
{
"type": "object"
},
{
"type": "string"
}
],
"nullable": true
}
}
}
],
"type": "object"
},
{
"properties": {
"result": {
"type": "object"
}
}
}
]
},
{
"properties": {
"result": {
"allOf": [
{
"properties": {
"description": {
"description": "A summary of the purpose/function of the WAF package.",
"example": "null",
"readOnly": true,
"type": "string"
},
"detection_mode": {
"description": "The mode that defines how rules within the package are evaluated during the course of a request. When a package uses anomaly detection mode (`anomaly` value), each rule is given a score when triggered. If the total score of all triggered rules exceeds the sensitivity defined in the WAF package, the action configured in the package will be performed. Traditional detection mode (`traditional` value) will decide the action to take when it is triggered by the request. If multiple rules are triggered, the action providing the highest protection will be applied (for example, a 'block' action will win over a 'challenge' action).",
"enum": [
"anomaly",
"traditional"
],
"example": "traditional",
"readOnly": true,
"type": "string"
},
"id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the WAF package.",
"example": "USER",
"readOnly": true,
"type": "string"
},
"status": {
"default": "active",
"description": "When set to `active`, indicates that the WAF package will be applied to the zone.",
"enum": [
"active"
],
"readOnly": true,
"type": "string"
},
"zone_id": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
},
"required": [
"id",
"name",
"description",
"detection_mode",
"zone_id"
],
"title": "Traditional WAF package"
},
{
"properties": {
"action_mode": {
"default": "challenge",
"description": "The default action performed by the rules in the WAF package.",
"enum": [
"simulate",
"block",
"challenge"
],
"type": "string"
},
"description": {
"description": "A summary of the purpose/function of the WAF package.",
"example": "Covers OWASP Top 10 vulnerabilities and more.",
"readOnly": true,
"type": "string"
},
"detection_mode": {
"description": "When a WAF package uses anomaly detection, each rule is given a score when triggered. If the total score of all triggered rules exceeds the sensitivity defined on the WAF package, the action defined on the package will be taken.",
"example": "anomaly",
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the WAF package.",
"example": "OWASP ModSecurity Core Rule Set",
"readOnly": true,
"type": "string"
},
"sensitivity": {
"default": "high",
"description": "The sensitivity of the WAF package.",
"enum": [
"high",
"medium",
"low",
"off"
],
"type": "string"
}
}
}
],
"required": [
"id",
"name",
"description",
"zone_id",
"detection_mode",
"sensitivity",
"action_mode"
],
"title": "Anomaly detection WAF package (OWASP)"
}
}
}
]
},
{
"properties": {
"errors": {
"allOf": [
{
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
}
],
"example": [
{
"code": 7003,
"message": "No route for the URI"
}
],
"minLength": 1
},
"messages": {
"allOf": [
{
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
}
],
"example": []
},
"result": {
"enum": [
null
],
"nullable": true,
"type": "object"
},
"success": {
"description": "Whether the API call was successful",
"enum": [
false
],
"example": false,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
}
]
}
}
},
"description": "Update a WAF package response failure"
}
}[
{
"api_email": [],
"api_key": []
},
{
"api_token": []
}
]