Account Level Firewall Rules

I have some firewall rules that I would like to have available for all the sites on my account, mostly for protecting Wordpress. Is there a way to setup rules that govern all of the sites in my account?

With firewall rules, not right now. Only IP access rules support account wide settings.

So the only way that makes sense then is to add them all through the API.

From the documentation it asks for a couple of id’s to be passed, one of them is the filter identifier. Doing it by hand through the browser, this is auto-generated by Cloudflare. What is the correct way to generate this string?

Yes, firewall rules and filters are separate entries.

https://api.cloudflare.com/#firewall-rules-properties has all the details

Listing the rule properties only shows id’s of rules that already exist. When creating a new rule via API, how is this string to be generated?

What string?

How a new rule is added is shown at https://api.cloudflare.com/#firewall-rules-create-firewall-rules

I think I see, first I need to create the filter, then I can create a firewall rule using that filter?

Most likely, though you could try to create the rule without an ID for the filter. That might automatically create a filter, if not you will first have to create the filter.

Thank you for your help, will give it a try!

Firewall rules are a bit tricky. If IP addresses are enough, I’d rather go with IP access rules, they can also work account wide. Though Cloudflare will eventually (this or next year) consolidate them anyhow and maybe firewall rules will be easier to manage by then.

Right now the split rule/filter doesnt exactly make it easier.

Should be ok once they’re in place, will just be a matter of batching them via script without going over-limit on api usage.

I still can’t seem to get this to work correctly. Here’s what I’m doing now:

curl -X POST "https://api.cloudflare.com/client/v4/zones/${data}/firewall/rules" \
        -H "X-Auth-Email: $CF_API_EMAIL" \
        -H "X-Auth-Key: $CF_API_KEY" \
        -H "Content-Type: application/json" \
        --data '["filter":{"expression":"(http.request.uri.path ~ \"*xmlrpc.php\")","paused":false,"description":"Block xmlrpc.php","ref":"FIL-100","deleted":false},"action":"block"]'

Where ${data} is the zone id. The response I get back is the request body is malformed. Even if I add a string for the filter id it doesn’t work correctly. Not sure what I’m missing here?

Thats not a valid JSON string. Run it through a JSON validator.

Yep I got it to work, needed to be wrapped with {} inside the ‘’.

This topic was automatically closed after 30 days. New replies are no longer allowed.