I am trying to understand if Cloudflare supports a way where if Open API / Swagger spec is provided to it, by default creates rules that blocks all the illegitimate combination of request uri , paths and methods.

This will really help in making our team focus on writing application specific WAF rules since the rest are blocked by default.

Schema Validation is part of API Shield which is available on the Enterprise plan.
https://developers.cloudflare.com/api-shield/security/schema-validation/

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.