Web Application Firewall Settings

Currently we are adding more API requests to our Cloudflare environment. One of the request we’ve added is retrieving the WAF settings.


The question we have is related to interpreting the response from the curl GET request. Is the ‘value’ and ‘modified_on’ fields in the response conveying that the WAF is not active?

I was unable to research the details on the fields meaning.

“result”: {
“id”: “waf”,
“value”: “off”,
“modified_on”: null,
“editable”: true
“success”: true,
“errors”: ,

id indicates what zone setting we are talking about.
value indicates whether or not WAF is enabled for the zone.
modified_on indicates the date this setting was last changed.
editable indicates whether your plan level allows you to change the setting.

1 Like

Thank you for the almost instant answer. This is much appreciated.