API examples of custom rules with the Skip action
Use the Rulesets API to configure custom rules via API.
The skip
action supports different skip options, according to the security features or products that you wish to skip.
Before you continue
This page contains examples of different skip rule scenarios for custom rules. Take the following into account:
The
{zone_id}
value is the ID of the zone where you want to add the rule.The
{ruleset_id}
value is the ID of the entry point ruleset of thehttp_request_firewall_custom
phase. For details on obtaining this ruleset ID, refer to List and view rulesets. The API examples in this page add a skip rule to an existing ruleset using the Create a zone ruleset rule operation.However, the entry point ruleset may not exist yet. In this case, invoke the Create a zone ruleset operation to create the entry point ruleset with a skip rule. Refer to Create ruleset for an example.
Although each example only includes one action parameter, you can use several skip options in the same rule by specifying the
ruleset
,phases
, andproducts
action parameters simultaneously.
Skip the remaining rules in the current ruleset
This example invokes the Create a zone ruleset rule operation to add a skip rule to the existing http_request_firewall_custom
phase entry point ruleset with ID {ruleset_id}
. The rule will skip all remaining rules in the current ruleset for requests matching the rule expression:
curl https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id}/rules \--header "Authorization: Bearer <API_TOKEN>" \--header "Content-Type: application/json" \--data '{"action": "skip","action_parameters": {"ruleset": "current"},"expression": "http.request.uri.path contains \"/skip-current-ruleset/\"","description": ""}'
Skip a phase
This example invokes the Create a zone ruleset rule operation to add a rule to the existing http_request_firewall_custom
phase entry point ruleset with ID {ruleset_id}
. The rule will skip the http_ratelimit
phase for requests matching the rule expression:
curl https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id}/rules \--header "Authorization: Bearer <API_TOKEN>" \--header "Content-Type: application/json" \--data '{"action": "skip","action_parameters": {"phases": ["http_ratelimit"]},"expression": "http.request.uri.path contains \"/skip-phase/\"","description": ""}'
Refer to Available skip options for the list of phases you can skip.
Skip a phase and do not log matching requests
This example invokes the Create a zone ruleset rule operation to add a rule that:
- Skips the
http_ratelimit
phase - Disables event logging for the current rule
curl https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id}/rules \--header "Authorization: Bearer <API_TOKEN>" \--header "Content-Type: application/json" \--data '{"action": "skip","action_parameters": {"phases": ["http_ratelimit"]},"logging": {"enabled": false},"expression": "http.request.uri.path contains \"/disable-logging/\"","description": ""}'
Refer to Available skip options: Logging for more information on disabling logging for requests that match a skip rule.
Skip security products
This example uses the Create a zone ruleset rule operation to add a rule that skips the Zone Lockdown and User Agent Blocking products for requests matching the rule expression:
curl https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id}/rules \--header "Authorization: Bearer <API_TOKEN>" \--header "Content-Type: application/json" \--data '{"action": "skip","action_parameters": {"products": ["zoneLockdown","uaBlock"]},"expression": "http.request.uri.path contains \"/skip-products/\"","description": ""}'
Refer to Available skip options for the list of products you can skip.