Skip to content

Get a global WAF rule in a zone context

GET
/api/zones/{zoneId}/security/global-waf-rules/{id}

Read-only view of a single global WAF rule as seen from a zone context, including the zone's effective enabledForZone flag. The rule itself cannot be edited here; only the per-zone on/off toggle (PATCH enabledForZone) is writable.

Authorizations

ApiToken

Long-lived API token created via POST /api/api-tokens (returned once in plaintext).

Type
API Key (header: X-API-TOKEN)
or
JWT

JWT access token obtained via POST /api/auth/login. Send as: Authorization: Bearer .

Type
HTTP (bearer)

Parameters

Path Parameters

zoneId*

zone-global-waf-rule identifier

Type
string
Required
id*

zone-global-waf-rule identifier

Type
string
Required

Responses

zone-global-waf-rule resource

JSON
{
  
"@context": "string",
  
"@id": "string",
  
"@type": "string",
  
"id": "550e8400-e29b-41d4-a716-446655440000",
  
"description": "Block SQL injection attempts on the login endpoint",
  
"enabled": true,
  
"participationMode": "opt_out",
  
"phase": "request",
  
"order": 10,
  
"match": "all",
  
"conditions": [
  
],
  
"expression": "string",
  
"action": "block",
  
"status": 403,
  
"score": 5,
  
"rateBps": 1024,
  
"delayMs": 250,
  
"log": false,
  
"stop": false,
  
"createdAt": "2026-07-01T12:00:00+00:00",
  
"updatedAt": "2026-07-01T12:00:00+00:00",
  
"enabledForZone": true
}

Playground

Authorization
Variables
Key
Value

Samples

Powered by VitePress OpenAPI