Skip to content

JSON object

Ruleset object

A fully populated ruleset object has the following JSON structure.

{
"id": "6a359df138c442b385d20140d4d96919",
"name": "Example Ruleset",
"description": "Description of Example Ruleset",
"kind": "custom",
"version": "2",
"phase": "http_request_firewall_custom",
"rules": [
{
"id": "fdb0dd271f3f40b19679cc5d91396024",
"version": "2",
"action": "block",
"expression": "cf.zone.name eq \"example.com\" ",
"last_updated": "2022-07-20T10:44:29.124515Z"
}
],
"last_updated": "2022-07-20T10:44:29.124515Z"
}

Properties

The ruleset object has the following properties:

  • id - 32-character UUIDv4 string:

    • Represents the unique Cloudflare-generated identifier for a given version of a ruleset.
    • Unique, read-only.
  • name - string

    • A human-readable name for the ruleset.
    • The name is immutable. You cannot change the name over the lifetime of the ruleset.
  • description - string

    • Optional description for the ruleset.
    • You can change the description over the lifetime of the ruleset.
  • kind - One of root, zone, managed, custom

    • The kind of ruleset the JSON object represents.
    • kind is immutable
  • version - Integer value starting at 1 and incremented by 1 each time the ruleset is modified

    • The version of the ruleset.
    • Read-only.
  • rules - Array of JSON objects

    • A list of rules to include in the ruleset.
  • last_updated ISO 8601 timestamp in the format YYYY-MM-DDThh:mm:ss.TZD

    • The time (UTC) when the ruleset was last updated.
    • Read-only.

Rule object structure and properties

A fully populated rule JSON object has the following structure:

{
"id": "fdb0dd271f3f40b19679cc5d91396024",
"version": "2",
"action": "block",
"categories": ["wordpress"],
"expression": "cf.zone.name eq \"example.com\"",
"last_updated": "2022-07-20T10:44:29.124515Z",
"enabled": true
}

The JSON object properties for a rule are defined as follows:

PropertyDescriptionValueNotes
idRepresents the unique Cloudflare-generated identifier for a given version of a rule.32-character UUIDv4 stringUnique, read-only
versionThe version of the rule.

Integer value starting at 1 and incremented by 1 each time the ruleset is modified

Read-only. Changing the order of a rule in a ruleset does not change its version.
actionDefines what happens when there’s a match for the rule expression.StringThe available actions depend on the phase where the rule’s ruleset is executed.
categories

Tags associated with the current rule. You can define overrides that affect rules with a given tag.

Array of stringsRead-only. Only available in WAF Managed Rules.
expressionCriteria defining when there is a match for the current rule.String

The fields and functions you can use in a rule expression depend on the phase where the rule’s ruleset is executed.

last_updatedThe time (UTC) when the rule was last updated.ISO 8601 timestamp in the format YYYY-MM-DDThh:mm:ss .TZDRead-only
enabled

When set to true, the current rule is enabled.

Boolean