Create, edit, and delete rules
A firewall rule has two main attributes: an expression and an action.
When an incoming HTTP request matches a firewall rule expression, Cloudflare performs the specified action. For more information, refer to Expressions and Actions.
-
Log in to the Cloudflare dashboard, and select your account and website.
-
Go to Security > WAF > Firewall rules.
-
Select Create a firewall rule.
-
In the Create firewall rule page that displays, use the Rule name input to supply a descriptive name.
-
Under When incoming requests match, use the Field drop-down list to choose an HTTP property (refer to Fields reference for details). For each request, the value of the property you choose for Field is compared to the value you specify for Value.
Alternatively, use the Expression Editor to define the rule expression.
-
Use the Operator drop-down list to choose a comparison operator. For an expression to match, the value of the request Field and the value specified in the Value input must satisfy the comparison operator.
-
Next, specify the value to match. If the value is an enumeration, then the Value control will be a drop-down list. Otherwise, it will be a text input.
-
To add a new sub-expression to the rule expression, select And or Or next to Value.
-
Select an action for your rule in the Action drop-down list.
-
To save and deploy your rule, select Deploy. If you are not ready to deploy your rule, select Save as draft.
After you choose an option, you return to the rules list, which displays your new rule.
Use the available options in the rules list to manage firewall rules.
Select Edit (wrench icon) located on the right of your rule in the rules list to open the Edit firewall rule panel and make the changes you want.
Use the toggle switch associated with a firewall rule to enable or disable it.
- Next to the rule you want to delete, select Delete (X icon).
- In the confirmation dialog, select Delete to complete the operation.
By default, Cloudflare evaluates firewall rules in list order, where rules are evaluated in the order they appear in the rules list. When list ordering is enabled, the rules list allows you to drag and drop firewall rules into position, as shown below.
Once there are more than 200 total rules (including inactive rules), you must manage evaluation using priority ordering, in which Cloudflare evaluates firewall rules in order of their priority number, starting with the lowest. When you cross this threshold, the firewall rules interface automatically switches to priority ordering. For more on working with priority ordering, refer to Order and priority.
Rule Preview allows customers on an Enterprise plan to understand the potential impact of a new firewall rule, by testing it against a sample of requests drawn from the last 72 hours of traffic.
Rule Preview is built into the Create firewall rule and Edit firewall rule panels so that you can test a rule as you edit it. For more information, refer to Preview rules.