Fetches WAF rules in a WAF package. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/).
/zones/{zone_id}/firewall/waf/packages/{package_id}/rules
get
WAF rules
waf-rules-list-waf-rules
{
"business": true,
"enterprise": true,
"free": false,
"pro": true
}null[
{
"in": "path",
"name": "package_id",
"required": true,
"schema": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
},
{
"in": "path",
"name": "zone_id",
"required": true,
"schema": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
},
{
"in": "query",
"name": "mode",
"schema": {
"description": "The action/mode a rule has been overridden to perform.",
"enum": [
"DIS",
"CHL",
"BLK",
"SIM"
],
"example": "CHL",
"type": "string"
}
},
{
"in": "query",
"name": "group_id",
"schema": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
},
{
"in": "query",
"name": "page",
"schema": {
"default": 1,
"description": "The page number of paginated results.",
"minimum": 1,
"type": "number"
}
},
{
"in": "query",
"name": "per_page",
"schema": {
"default": 50,
"description": "The number of rules per page.",
"maximum": 100,
"minimum": 5,
"type": "number"
}
},
{
"in": "query",
"name": "order",
"schema": {
"description": "The field used to sort returned rules.",
"enum": [
"priority",
"group_id",
"description"
],
"example": "status",
"type": "string"
}
},
{
"in": "query",
"name": "direction",
"schema": {
"description": "The direction used to sort returned rules.",
"enum": [
"asc",
"desc"
],
"example": "desc",
"type": "string"
}
},
{
"in": "query",
"name": "match",
"schema": {
"default": "all",
"description": "When set to `all`, all the search requirements must match. When set to `any`, only one of the search requirements has to match.",
"enum": [
"any",
"all"
],
"type": "string"
}
},
{
"in": "query",
"name": "description",
"schema": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
}
},
{
"in": "query",
"name": "priority",
"schema": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
]null{
"200": {
"content": {
"application/json": {
"schema": {
"allOf": [
{
"allOf": [
{
"properties": {
"errors": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"messages": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"result": {
"anyOf": [
{
"type": "object"
},
{
"items": {},
"type": "array"
},
{
"type": "string"
}
]
},
"success": {
"description": "Whether the API call was successful",
"enum": [
true
],
"example": true,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
},
{
"properties": {
"result": {
"items": {},
"nullable": true,
"type": "array"
},
"result_info": {
"properties": {
"count": {
"description": "Total number of results for the requested service",
"example": 1,
"type": "number"
},
"page": {
"description": "Current page within paginated list of results",
"example": 1,
"type": "number"
},
"per_page": {
"description": "Number of results per page of results",
"example": 20,
"type": "number"
},
"total_count": {
"description": "Total results available without any search parameters",
"example": 2000,
"type": "number"
}
},
"type": "object"
}
}
}
],
"type": "object"
},
{
"properties": {
"result": {
"items": {
"oneOf": [
{
"allOf": [
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
}
]
},
{
"properties": {
"allowed_modes": {
"description": "Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules.",
"example": [
"on",
"off"
],
"items": {
"description": "When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"mode": {
"description": "When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
}
}
}
],
"description": "When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"mode",
"group",
"package_id"
],
"title": "Anomaly detection WAF rule"
},
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
},
{
"properties": {
"allowed_modes": {
"description": "The list of possible actions of the WAF rule when it is triggered.",
"example": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"items": {
"description": "The action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.",
"enum": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"default_mode": {
"description": "The default action/mode of a rule.",
"enum": [
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"readOnly": true
},
"mode": {
"description": "The action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.",
"enum": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"type": "string"
}
}
}
],
"description": "When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A 'deny' rule will immediately respond to the request based on the configured rule action/mode (for example, 'block') and no other rules will be processed.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"default_mode",
"mode",
"group",
"package_id"
],
"title": "Traditional (deny) WAF rule"
},
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
},
{
"properties": {
"allowed_modes": {
"description": "Defines the available modes for the current WAF rule.",
"example": [
"on",
"off"
],
"items": {
"description": "When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"mode": {
"description": "When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
}
}
}
],
"description": "When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An 'allow' rule will immediately allow the request and no other rules will be processed.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"default_mode",
"mode",
"group",
"package_id"
],
"title": "Traditional (allow) WAF rule"
}
],
"type": "object"
},
"type": "array"
}
}
}
]
}
}
},
"description": "List WAF rules response"
},
"4XX": {
"content": {
"application/json": {
"schema": {
"allOf": [
{
"allOf": [
{
"allOf": [
{
"properties": {
"errors": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"messages": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"result": {
"anyOf": [
{
"type": "object"
},
{
"items": {},
"type": "array"
},
{
"type": "string"
}
]
},
"success": {
"description": "Whether the API call was successful",
"enum": [
true
],
"example": true,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
},
{
"properties": {
"result": {
"items": {},
"nullable": true,
"type": "array"
},
"result_info": {
"properties": {
"count": {
"description": "Total number of results for the requested service",
"example": 1,
"type": "number"
},
"page": {
"description": "Current page within paginated list of results",
"example": 1,
"type": "number"
},
"per_page": {
"description": "Number of results per page of results",
"example": 20,
"type": "number"
},
"total_count": {
"description": "Total results available without any search parameters",
"example": 2000,
"type": "number"
}
},
"type": "object"
}
}
}
],
"type": "object"
},
{
"properties": {
"result": {
"items": {
"oneOf": [
{
"allOf": [
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
}
]
},
{
"properties": {
"allowed_modes": {
"description": "Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules.",
"example": [
"on",
"off"
],
"items": {
"description": "When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"mode": {
"description": "When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
}
}
}
],
"description": "When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"mode",
"group",
"package_id"
],
"title": "Anomaly detection WAF rule"
},
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
},
{
"properties": {
"allowed_modes": {
"description": "The list of possible actions of the WAF rule when it is triggered.",
"example": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"items": {
"description": "The action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.",
"enum": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"default_mode": {
"description": "The default action/mode of a rule.",
"enum": [
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"readOnly": true
},
"mode": {
"description": "The action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.",
"enum": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"type": "string"
}
}
}
],
"description": "When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A 'deny' rule will immediately respond to the request based on the configured rule action/mode (for example, 'block') and no other rules will be processed.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"default_mode",
"mode",
"group",
"package_id"
],
"title": "Traditional (deny) WAF rule"
},
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
},
{
"properties": {
"allowed_modes": {
"description": "Defines the available modes for the current WAF rule.",
"example": [
"on",
"off"
],
"items": {
"description": "When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"mode": {
"description": "When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
}
}
}
],
"description": "When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An 'allow' rule will immediately allow the request and no other rules will be processed.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"default_mode",
"mode",
"group",
"package_id"
],
"title": "Traditional (allow) WAF rule"
}
],
"type": "object"
},
"type": "array"
}
}
}
]
},
{
"properties": {
"errors": {
"allOf": [
{
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
}
],
"example": [
{
"code": 7003,
"message": "No route for the URI"
}
],
"minLength": 1
},
"messages": {
"allOf": [
{
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
}
],
"example": []
},
"result": {
"enum": [
null
],
"nullable": true,
"type": "object"
},
"success": {
"description": "Whether the API call was successful",
"enum": [
false
],
"example": false,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
}
]
}
}
},
"description": "List WAF rules response failure"
}
}[
{
"api_email": [],
"api_key": []
}
]