
Create, edit, and delete rules

The Create Firewall Rule page in the Firewall app is a good guide to the parts of a firewall rule. When an incoming HTTP request matches the expression in a firewall rule, the specified action is triggered:

create firewall rule page

Note that a simple expression has the following syntax:

<field> <comparison operator> <value>

For more, see Expressions and Actions.

Expression Builder and Editor

The Firewall app in the Cloudflare dashboard offers two options for editing expressions.

The Expression Builder allows you to create expressions using drop-down lists and emphasizes an intuitive visual approach to creating firewall rules:

expression builder

The Expression Editor is a text-only interface that supports advanced features, such as grouping symbols and functions for transforming and validating values:

expression editor

Both interfaces are available in the Create Firewall Rule page. This article focuses on using the Expression Builder. For more on using the advanced Expression Editor, see Edit rule expressions.

Create a firewall rule

To create a new firewall rule:

  1. Log in to the Cloudflare dashboard.

  2. Select the Websites tab and choose the site for which you want to create a new firewall rule.

  3. To open Firewall Rules from the Cloudflare dashboard, click the Firewall tile in the app bar, and then click the Firewall Rules tab.

    firewall rules tab

  4. Click Create a Firewall Rule.

  5. In the Create Firewall Rule page that displays, use the Rule name input to supply a descriptive name. The rule name in this example is "Does not originate in UK."

    create firewall rule

  6. Under When incoming requests match…, use the Field drop-down list to choose an HTTP property. For each request, the value of the property you choose for Field is compared to the value you specify for Value.

    select field

  7. Use the Operator drop-down list to choose a comparison operator. For an expression to match, the value of the request Field and the value specified in the Value input must satisfy the comparison operator.

    select operator

    In the screenshot above, note that the Expression Editor area displays a text-only version of your expression. For more on the Expression Builder and the Expression Editor, see Edit rule expressions.

  8. Now specify the value to match. If the value is an enumeration, then the Value control will be a drop-down list. Otherwise, it will be a text input. In this example the value United Kingdom is set using the Country drop-down list.

    select value

  9. To set an action for your rule, use the Action drop-down list. In this example the Block action tells Cloudflare to refuse requests that originate from countries other than the United Kingdom.

    select action

  10. To save and deploy your rule, click Deploy. If you are not ready to deploy your rule, click Save as draft.

After you choose an option, you are returned to the Rules List, which displays your new rule:

rules list

If you choose to deploy your new rule, the toggle switch associated with the rule will be On. If you save the rule as a draft, the toggle will be Off. Use the toggle to enable or disable your firewall rule.

Manage rules

Edit rules

You can modify your existing firewall rules at any time. Click the Edit button (wrench icon) located on the right of your rules in the Rules List to open the Edit Firewall Rule panel and make the changes you want.

edit rule

Delete rules

To delete an existing rule from the Firewall Rules panel, use the Delete button (X icon) associated with the rule you want to remove.

delete rule

In the confirmation dialog that appears, click Delete to confirm and complete the operation.

Order rules

By default, Cloudflare evaluates firewall rules in list order, that is, in the order they appear in the Rules List. When list ordering is enabled, the Rules List allows you to drag and drop firewall rules into position, as shown below.

order rules

Once there are more than 200 total rules (including inactive rules), you must manage evaluation using priority ordering, in which Cloudflare evaluates firewall rules in order of their priority number, starting with the lowest. When you cross this threshold, the Firewall Rules interface automatically switches to priority ordering. For more on working with priority ordering, see Order and Priority.

Enable and disable rules

Use the toggle switch associated with a firewall rule to enable or disable it.

enable/disable rules

Test firewall rules with Rule Preview

To help customers in the Enterprise plan understand the potential impact of a new firewall rule, Cloudflare built Rule Preview. With the click of a button, Rule Preview allows you to test a firewall rule against a sample of requests drawn from the last 72 hours of traffic. Rule Preview is built into the Create Firewall Rule and Edit Firewall Rule panels so that you can test a rule as you edit it. For more, see Preview rules.
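
The following model is an added example, not Cloudflare's code and not part of the original page. It evaluates simple `<field> <comparison operator> <value>` expressions against constructed sample requests, shows the same two rules giving different verdicts under list ordering and priority ordering, and does a Rule Preview-style match count. Assumptions: the first enabled matching rule decides the outcome; `ip.geoip.country`, `http.request.uri.path` and the value "GB" are Cloudflare expression-language names this page does not show; the "Allow status page" rule and the priority numbers are hypothetical.

```python
import operator

# Operators for the simple form <field> <comparison operator> <value>.
OPS = {"eq": operator.eq, "ne": operator.ne, "contains": lambda a, b: b in a}

def parse_simple(expr):
    """Split a simple expression into (field, operator, value)."""
    field, op, value = expr.strip("() ").split(None, 2)
    if op not in OPS:
        raise ValueError(f"unsupported operator: {op}")
    return field, op, value.strip('"')

def matches(expr, request):
    field, op, value = parse_simple(expr)
    # Assumption of this model: a field absent from the request never matches.
    return field in request and OPS[op](request[field], value)

def decide(rules, request, by_priority=False):
    """Return (name, action) of the first enabled rule that matches."""
    # Priority ordering: lowest priority number first. List ordering: as listed.
    ordered = sorted(rules, key=lambda r: r["priority"]) if by_priority else rules
    for rule in ordered:
        if rule["enabled"] and matches(rule["expression"], request):
            return rule["name"], rule["action"]
    return None, None  # no rule matched

def preview(rule, sample):
    """Rule Preview-style dry run: the sample requests the rule would match."""
    return [req for req in sample if matches(rule["expression"], req)]

# Constructed rule list; the second rule is the page's example.
RULES = [
    {"name": "Allow status page", "action": "allow", "priority": 20, "enabled": True,
     "expression": 'http.request.uri.path contains "/status"'},
    {"name": "Does not originate in UK", "action": "block", "priority": 10,
     "enabled": True, "expression": 'ip.geoip.country ne "GB"'},
]
# Constructed sample requests.
SAMPLE = [
    {"ip.geoip.country": "GB", "http.request.uri.path": "/login"},
    {"ip.geoip.country": "FR", "http.request.uri.path": "/status"},
    {"ip.geoip.country": "US", "http.request.uri.path": "/login"},
]

if __name__ == "__main__":
    fr = SAMPLE[1]
    print("list order:    ", decide(RULES, fr))
    print("priority order:", decide(RULES, fr, by_priority=True))
    print("block rule would match", len(preview(RULES[1], SAMPLE)), "of", len(SAMPLE))
```

In this model the request from France to /status is allowed in list order but blocked under priority ordering, so review priority numbers before a rule set grows past the 200-rule threshold.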