CD
Cloudflare Developers17mo ago
Erisa

The documentation I linked contains

The documentation I linked contains links to the relevant API endpoint documentations
5 Replies
lokiwind
lokiwind17mo ago
https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id}/rules Erisa I think I need to have rulesets id to create a rate limit rule, right?
Erisa
ErisaOP17mo ago
Yes, this is covered on https://developers.cloudflare.com/waf/rate-limiting-rules/create-api/ Point 1
Invoke the List zone rulesets method to obtain the list of rulesets in your zone. You will need the zone ID for this operation.
It then covers in points 2 and 3 what to do if there is a ruleset and if there is not
lokiwind
lokiwind17mo ago
Yes there are ruleset ids created by cloudflare Can I create a rate limit rule using the id information of any of these listed rule sets I sent you?
Erisa
ErisaOP17mo ago
No, please follow point 2 on https://developers.cloudflare.com/waf/rate-limiting-rules/create-api/
Search for an entry point ruleset for the http_ratelimit phase in the response. Such a ruleset would have the following properties: "kind": "zone" and "phase": "http_ratelimit".
lokiwind
lokiwind17mo ago
AH okey CURLOPT_POSTFIELDS => "{\n \"description\": \"My ruleset to execute managed rulesets\",\n \"kind\": \"zone\",\n \"name\": \"My ruleset\",\n \"phase\": \"http_ratelimit\"},\n }\n ]\n}", Is it enough to create a rulesets like this NotLikeThis
$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://api.cloudflare.com/client/v4/zones/********************df2c7c9f4ff6/rulesets",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => json_encode([
    "description" => "My ruleset to execute managed rulesets",
    "kind" => "zone",
    "name" => "My ruleset",
    "phase" => "http_ratelimit",
    "rules" => [
      [
        "action" => "block",
        "action_parameters" => [
          "response" => [
            "content" => "{\n  \"success\": false,\n  \"error\": \"you have been blocked\"\n}",
            "content_type" => "application/json",
            "status_code" => 400
          ]
        ],
        "description" => "Block when the IP address is not 1.1.1.1",
        "enabled" => true,
        "expression" => "ip.src ne 1.1.1.1",
        "ref" => "my_ref"
      ]
    ]
  ]),
  CURLOPT_HTTPHEADER => [
    "Content-Type: application/json",
    "X-Auth-Email: ***********@gmail.com",
    "X-Auth-Key: ****************"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://api.cloudflare.com/client/v4/zones/********************df2c7c9f4ff6/rulesets",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => json_encode([
    "description" => "My ruleset to execute managed rulesets",
    "kind" => "zone",
    "name" => "My ruleset",
    "phase" => "http_ratelimit",
    "rules" => [
      [
        "action" => "block",
        "action_parameters" => [
          "response" => [
            "content" => "{\n  \"success\": false,\n  \"error\": \"you have been blocked\"\n}",
            "content_type" => "application/json",
            "status_code" => 400
          ]
        ],
        "description" => "Block when the IP address is not 1.1.1.1",
        "enabled" => true,
        "expression" => "ip.src ne 1.1.1.1",
        "ref" => "my_ref"
      ]
    ]
  ]),
  CURLOPT_HTTPHEADER => [
    "Content-Type: application/json",
    "X-Auth-Email: ***********@gmail.com",
    "X-Auth-Key: ****************"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
Response: { "result": null, "success": false, "errors": [ { "code": 20018, "message": "logging options only allowed in the skip action", "source": { "pointer": "/rules/0/logging" } }, { "code": 20132, "message": "only ratelimit rules can be placed in the http_ratelimit phase", "source": { "pointer": "/rules/0" } } ], "messages": null } what am I doing NotLikeThis
Want results from more Discord servers?
Add your server