In Firewall Event Log i see “Firewall Rule” when some IP are blocked by my rules, but what rule?
Can you post a screenshot? Cloudflare appears to have made some changes recently and should actually also display the rule name at this point.
In this case you will have to use the API at https://developers.cloudflare.com/firewall/api/cf-filters/get/#get-by-filter-id to get the filter which is listed under match triggered.
2 or 3 hours of programming php and api only for get what rules are used for blocking a specific user?? Really??
It is a bit cumbersome and shouldnt be necessary, however it should neither take two to three hours. Following the provided example it should take ten minutes max.
What I do is open an incognito browser tab and, using a proxy-IP service, break each of my firewall rules. I then check the Events log, and list for each rule that Filter number under “Match Triggered”.
I have this small list on Keep, so I can check it anytime. After using this for a few days you will memorize which Filter match which rule, as only the first 3 or 4 characters of the Filter number will be enough to make this association.