title | pcx_content_type | type | weight | meta | ||
---|---|---|---|---|---|---|
Create a rule via API |
how-to |
overview |
4 |
|
Use the Rulesets API to create configuration rules via API.
When creating a configuration rule via API, make sure you:
- Set the rule action to
set_config
. - Define the parameters in the
action_parameters
field according to the settings you wish to override for matching requests. - Deploy the rule to the
http_config_settings
phase at the zone level.
{{}}
Make sure your API token has the required permissions to perform the API operations.
{{
The following example sets the rules of an existing phase ruleset ({ruleset_id}
) to a single configuration rule — enabling Email Obfuscation and Browser Integrity Check for the contacts page — using the Update a zone ruleset operation:
---
header: Request
---
curl --request PUT \
https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id} \
--header "Authorization: Bearer <API_TOKEN>" \
--header "Content-Type: application/json" \
--data '{
"rules": [
{
"expression": "starts_with(http.request.uri.path, \"/contact-us/\")",
"description": "Obfuscates email addresses and enables BIC in contacts page",
"action": "set_config",
"action_parameters": {
"email_obfuscation": true,
"bic": true
}
}
]
}'
{{
{{
The following example sets the rules of an existing phase ruleset ({ruleset_id}
) to a single configuration rule — turning on I'm Under Attack mode for the administration area — using the Update a zone ruleset operation:
---
header: Request
---
curl --request PUT \
https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id} \
--header "Authorization: Bearer <API_TOKEN>" \
--header "Content-Type: application/json" \
--data '{
"rules": [
{
"expression": "http.host eq \"admin.example.com\"",
"description": "Turn on I'\''m Under Attack mode for admin area",
"action": "set_config",
"action_parameters": {
"security_level": "under_attack"
}
}
]
}'
{{
The API token used in API requests to manage configuration rules must have at least the following permission:
- Zone > Config Rules > Edit