Review of WAF custom rules via API
I am seeing custom waf rules set set up for one of my zones on UI, but I am unable to retrieve this info via the API. I am using the following endpoint https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets but the info in the response does not look like the rules seen in the UI
7 Replies
That endpoint only lists the rulesets, you need to also list the rules that are within that ruleset
so then i would need to hit this endpoint curl https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id}
for instance id like to see this custom rule
Yes
thanks Erisa!
Hi Erisa, wondering if you could help me retrieve some other waf configs from the api :blob_sweat:
Wondering if u know how to retrieve cloudflare waf managed ruleset and also the owasp mod security
It is the same concept but with a different phase name
Gotcha is just that for instance joomla is disabled on our managed ruleset , but I see joomla sqli enabled and other joomla related vulns for some reason