Skip to content

Get a zone's WAF rule

GET
/api/zones/{zoneId}/security/waf-rules/{id}

Returns a single zone-owned WAF rule by ID.

Authorizations

ApiToken

Long-lived API token created via POST /api/api-tokens (returned once in plaintext).

Type
API Key (header: X-API-TOKEN)
or
JWT

JWT access token obtained via POST /api/auth/login. Send as: Authorization: Bearer .

Type
HTTP (bearer)

Parameters

Path Parameters

zoneId*

Zone identifier

Type
string
Required
id*

waf-rule identifier

Type
string
Required

Responses

waf-rule resource

JSON
{
  
"@context": "string",
  
"@id": "string",
  
"@type": "string",
  
"id": "550e8400-e29b-41d4-a716-446655440000",
  
"description": "Block SQL injection attempts on the login endpoint",
  
"enabled": true,
  
"participationMode": "opt_out",
  
"phase": "request",
  
"order": 10,
  
"match": "all",
  
"conditions": [
  
  
{
  
  
  
"targets": [
  
  
  
  
"string"
  
  
  
],
  
  
  
"transforms": [
  
  
  
  
"string"
  
  
  
],
  
  
  
"operator": "string",
  
  
  
"pattern": "string",
  
  
  
"negate": true
  
  
}
  
],
  
"expression": "string",
  
"action": "block",
  
"status": 403,
  
"score": 5,
  
"rateBps": 1024,
  
"delayMs": 250,
  
"log": false,
  
"stop": false,
  
"createdAt": "2026-07-01T12:00:00+00:00",
  
"updatedAt": "2026-07-01T12:00:00+00:00"
}

Playground

Authorization
Variables
Key
Value

Samples

Powered by VitePress OpenAPI