Updates a WAF rule. You can only update the mode/action of the rule. **Note:** Applies only to the [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/).
/zones/{zone_id}/firewall/waf/packages/{package_id}/rules/{identifier}
patch
WAF rules
waf-rules-update-a-waf-rule
{
"business": true,
"enterprise": true,
"free": false,
"pro": true
}null[
{
"in": "path",
"name": "identifier",
"required": true,
"schema": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
},
{
"in": "path",
"name": "package_id",
"required": true,
"schema": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
},
{
"in": "path",
"name": "zone_id",
"required": true,
"schema": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
}
]{
"content": {
"application/json": {
"schema": {
"properties": {
"mode": {
"description": "The mode/action of the rule when triggered. You must use a value from the `allowed_modes` array of the current rule.",
"enum": [
"default",
"disable",
"simulate",
"block",
"challenge",
"on",
"off"
],
"example": "on"
}
}
}
}
},
"required": true
}{
"200": {
"content": {
"application/json": {
"schema": {
"allOf": [
{
"allOf": [
{
"allOf": [
{
"properties": {
"errors": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"messages": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"result": {
"anyOf": [
{
"type": "object"
},
{
"items": {},
"type": "array"
},
{
"type": "string"
}
]
},
"success": {
"description": "Whether the API call was successful",
"enum": [
true
],
"example": true,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
},
{
"properties": {
"result": {
"oneOf": [
{
"nullable": true,
"type": "object"
},
{
"nullable": true,
"type": "string"
}
]
}
}
}
],
"type": "object"
},
{
"properties": {
"result": {
"type": "object"
}
}
}
]
},
{
"properties": {
"result": {
"oneOf": [
{
"allOf": [
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
}
]
},
{
"properties": {
"allowed_modes": {
"description": "Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules.",
"example": [
"on",
"off"
],
"items": {
"description": "When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"mode": {
"description": "When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
}
}
}
],
"description": "When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"mode",
"group",
"package_id"
],
"title": "Anomaly detection WAF rule"
},
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
},
{
"properties": {
"allowed_modes": {
"description": "The list of possible actions of the WAF rule when it is triggered.",
"example": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"items": {
"description": "The action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.",
"enum": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"default_mode": {
"description": "The default action/mode of a rule.",
"enum": [
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"readOnly": true
},
"mode": {
"description": "The action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.",
"enum": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"type": "string"
}
}
}
],
"description": "When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A 'deny' rule will immediately respond to the request based on the configured rule action/mode (for example, 'block') and no other rules will be processed.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"default_mode",
"mode",
"group",
"package_id"
],
"title": "Traditional (deny) WAF rule"
},
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
},
{
"properties": {
"allowed_modes": {
"description": "Defines the available modes for the current WAF rule.",
"example": [
"on",
"off"
],
"items": {
"description": "When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"mode": {
"description": "When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
}
}
}
],
"description": "When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An 'allow' rule will immediately allow the request and no other rules will be processed.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"default_mode",
"mode",
"group",
"package_id"
],
"title": "Traditional (allow) WAF rule"
}
]
}
}
}
]
}
}
},
"description": "Update a WAF rule response"
},
"4XX": {
"content": {
"application/json": {
"schema": {
"allOf": [
{
"allOf": [
{
"allOf": [
{
"allOf": [
{
"properties": {
"errors": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"messages": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"result": {
"anyOf": [
{
"type": "object"
},
{
"items": {},
"type": "array"
},
{
"type": "string"
}
]
},
"success": {
"description": "Whether the API call was successful",
"enum": [
true
],
"example": true,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
},
{
"properties": {
"result": {
"oneOf": [
{
"nullable": true,
"type": "object"
},
{
"nullable": true,
"type": "string"
}
]
}
}
}
],
"type": "object"
},
{
"properties": {
"result": {
"type": "object"
}
}
}
]
},
{
"properties": {
"result": {
"oneOf": [
{
"allOf": [
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
}
]
},
{
"properties": {
"allowed_modes": {
"description": "Defines the available modes for the current WAF rule. Applies to anomaly detection WAF rules.",
"example": [
"on",
"off"
],
"items": {
"description": "When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"mode": {
"description": "When set to `on`, the current WAF rule will be used when evaluating the request. Applies to anomaly detection WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
}
}
}
],
"description": "When triggered, anomaly detection WAF rules contribute to an overall threat score that will determine if a request is considered malicious. You can configure the total scoring threshold through the 'sensitivity' property of the WAF package.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"mode",
"group",
"package_id"
],
"title": "Anomaly detection WAF rule"
},
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
},
{
"properties": {
"allowed_modes": {
"description": "The list of possible actions of the WAF rule when it is triggered.",
"example": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"items": {
"description": "The action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.",
"enum": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"default_mode": {
"description": "The default action/mode of a rule.",
"enum": [
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"readOnly": true
},
"mode": {
"description": "The action that the current WAF rule will perform when triggered. Applies to traditional (deny) WAF rules.",
"enum": [
"default",
"disable",
"simulate",
"block",
"challenge"
],
"example": "block",
"type": "string"
}
}
}
],
"description": "When triggered, traditional WAF rules cause the firewall to immediately act upon the request based on the configuration of the rule. A 'deny' rule will immediately respond to the request based on the configured rule action/mode (for example, 'block') and no other rules will be processed.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"default_mode",
"mode",
"group",
"package_id"
],
"title": "Traditional (deny) WAF rule"
},
{
"allOf": [
{
"properties": {
"description": {
"description": "The public description of the WAF rule.",
"example": "SQL injection prevention for SELECT statements",
"readOnly": true,
"type": "string"
},
"group": {
"description": "The rule group to which the current WAF rule belongs.",
"properties": {
"id": {
"description": "The unique identifier of the rule group.",
"example": "de677e5818985db1285d0e80225f06e5",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"name": {
"description": "The name of the rule group.",
"example": "Project Honey Pot",
"readOnly": true,
"type": "string"
}
},
"readOnly": true,
"type": "object"
},
"id": {
"description": "The unique identifier of the WAF rule.",
"example": "f939de3be84e66e757adcdcb87908023",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"package_id": {
"description": "The unique identifier of a WAF package.",
"example": "a25a9a7e9c00afc1fb2e0245519d725b",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"priority": {
"description": "The order in which the individual WAF rule is executed within its rule group.",
"readOnly": true,
"type": "string"
}
}
},
{
"properties": {
"allowed_modes": {
"description": "Defines the available modes for the current WAF rule.",
"example": [
"on",
"off"
],
"items": {
"description": "When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
},
"readOnly": true,
"type": "array"
},
"mode": {
"description": "When set to `on`, the current rule will be used when evaluating the request. Applies to traditional (allow) WAF rules.",
"enum": [
"on",
"off"
],
"example": "on",
"type": "string"
}
}
}
],
"description": "When triggered, traditional WAF rules cause the firewall to immediately act on the request based on the rule configuration. An 'allow' rule will immediately allow the request and no other rules will be processed.",
"required": [
"id",
"description",
"priority",
"allowed_modes",
"default_mode",
"mode",
"group",
"package_id"
],
"title": "Traditional (allow) WAF rule"
}
]
}
}
}
]
},
{
"properties": {
"errors": {
"allOf": [
{
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
}
],
"example": [
{
"code": 7003,
"message": "No route for the URI"
}
],
"minLength": 1
},
"messages": {
"allOf": [
{
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
}
],
"example": []
},
"result": {
"enum": [
null
],
"nullable": true,
"type": "object"
},
"success": {
"description": "Whether the API call was successful",
"enum": [
false
],
"example": false,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
}
]
}
}
},
"description": "Update a WAF rule response failure"
}
}[
{
"api_email": [],
"api_key": []
}
]