- jq (https://stedolan.github.io/jq/)
- Cloudflare account email
- Cloudflare zone ID
- Cloudflare Global API key, which can be retrieved here:
- API documenation is available here: https://api.cloudflare.com/#waf-rules
Applies only to rules with Default mode Block or Challenge
_CFAPIEMAIL=""
_CFAPIKEY=""
_CFAPIZONEID=""
curl -s -H "X-Auth-Email: $_CFAPIEMAIL" -H "X-Auth-Key: $_CFAPIKEY" -H "Content-Type: application/json" "https://api.cloudflare.com/client/v4/zones/$_CFAPIZONEID/firewall/waf/packages" | jq -r '.result[]|select(.name == "CloudFlare").id' | \
while read packageID; do
for i in $(eval echo "{1..$(curl -s -H "X-Auth-Email: $_CFAPIEMAIL" -H "X-Auth-Key: $_CFAPIKEY" -H "Content-Type: application/json" "https://api.cloudflare.com/client/v4/zones/$_CFAPIZONEID/firewall/waf/packages/$packageID/rules?per_page=100" | jq -r '.result_info.total_pages')}"); do
curl -s -H "X-Auth-Email: $_CFAPIEMAIL" -H "X-Auth-Key: $_CFAPIKEY" -H "Content-Type: application/json" "https://api.cloudflare.com/client/v4/zones/$_CFAPIZONEID/firewall/waf/packages/$packageID/rules?per_page=100&page=$i" | jq -cr '.result[]' | \
while read rule; do
wafID="$(echo "$rule" | jq -r .id)"
defaultMode="$(echo "$rule" | jq -r .default_mode)"
if [[ "$defaultMode" == "block" || "$defaultMode" == "challenge" ]]; then
curl -s -H "X-Auth-Email: $_CFAPIEMAIL" -H "X-Auth-Key: $_CFAPIKEY" -H "Content-Type: application/json" "https://api.cloudflare.com/client/v4/zones/$_CFAPIZONEID/firewall/waf/packages/$packageID/rules/$wafID" -X PATCH --data '{"mode":"simulate"}' | jq
fi
done
done
done
Applies only to rules with Default mode Block or Challenge
_CFAPIEMAIL=""
_CFAPIKEY=""
_CFAPIZONEID=""
curl -s -H "X-Auth-Email: $_CFAPIEMAIL" -H "X-Auth-Key: $_CFAPIKEY" -H "Content-Type: application/json" "https://api.cloudflare.com/client/v4/zones/$_CFAPIZONEID/firewall/waf/packages" | jq -r '.result[]|select(.name == "CloudFlare").id' | \
while read packageID; do
for i in $(eval echo "{1..$(curl -s -H "X-Auth-Email: $_CFAPIEMAIL" -H "X-Auth-Key: $_CFAPIKEY" -H "Content-Type: application/json" "https://api.cloudflare.com/client/v4/zones/$_CFAPIZONEID/firewall/waf/packages/$packageID/rules?per_page=100" | jq -r '.result_info.total_pages')}"); do
curl -s -H "X-Auth-Email: $_CFAPIEMAIL" -H "X-Auth-Key: $_CFAPIKEY" -H "Content-Type: application/json" "https://api.cloudflare.com/client/v4/zones/$_CFAPIZONEID/firewall/waf/packages/$packageID/rules?per_page=100&page=$i" | jq -cr '.result[]' | \
while read rule; do
wafID="$(echo "$rule" | jq -r .id)"
defaultMode="$(echo "$rule" | jq -r .default_mode)"
if [[ "$defaultMode" == "block" || "$defaultMode" == "challenge" ]]; then
curl -s -H "X-Auth-Email: $_CFAPIEMAIL" -H "X-Auth-Key: $_CFAPIKEY" -H "Content-Type: application/json" "https://api.cloudflare.com/client/v4/zones/$_CFAPIZONEID/firewall/waf/packages/$packageID/rules/$wafID" -X PATCH --data '{"mode":"default"}' | jq
fi
done
done
done