Closed llbbl closed 4 years ago
I think we still need to update the README.md as a part of this?
@IcyApril I know you are probably super busy, but can we please get a follow-up on this PR so we can decide how to proceed? Happy to address any questions or comments on it. Hope all is well. Thanks.
Sorry for the slow reply, thanks for contributing this @llbbl.
Yeaa! Thanks for getting to this @IcyApril!
We added a couple new classes to control Firewall rules in Cloudflare. This is useful for creating application-side logic to update rules directly in Cloudflare. Our use case was Blocking all POST routes and then adding an Allow rule for only the specific POST routes that were valid. By doing this in the Cloudflare Firewall we have seen a decrease in server load and an increase in application stability.
We have added a unit test for the Firewall Endpoint class. We did not add a unit test for the Options class because none of the other Options classes had them. Happy to add additional unit tests for this class we added as part of a future pull request.
We have tested that our changes are working by including the source from our fork directly in our production application. It will be nice to get this accepted into master so that we do not need to maintain the code in our fork. We have some other things we would like to open source that are Application specific libraries that are dependent on getting this into master.
The new Firewall class does the following things:
- createFirewallRules - Adds one or more firewall rules at a time to Cloudflare. This method actually sets the Rules in Cloudflare. It is used internally in the class by createFirewallRule. It has a slightly different method signature that takes in an array of rules that should be set. The array can have one or more rules in it. Returns false if there was a problem adding any of the rules.
- createFirewallRule - Adds new firewall rules to Cloudflare. This only adds one rule at a time. You need to set the FirewallRuleOptions object before calling this method. The FirewallRuleOptions defines the Action and if the Rule should be Paused or not.
- listFirewallRules - Lists the existing Firewall rules. This is used on the application side to get a list of rules so you can check if the rule exists yet or not before a new one is added.
- deleteFirewallRule - Deletes an existing Firewall rule. You need to know the ruleId before calling this method and you can get this from the listFirewallRules method call.
- updateFirewallRule - Updates an existing Firewall rule. You need to know the ruleId before calling this method and you can get this from the listFirewallRules method call. You need to set the FirewallRuleOptions object before calling this method. The FirewallRuleOptions defines the Action and if the Rule should be Paused or not.
The FirewallRuleOptions contains methods to block, challenge, JSchallenge and Log. It also contains the ability to control draft or published via the setPaused method.
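The use case in the description above (block all POST requests, allow only known POST routes, and check the rule listing before adding anything) can be sketched as follows. This is an added example, not code from the pull request or the SDK: the function names `buildRule` and `planPostAllowlist`, the sample paths, and the placeholder ids are hypothetical, and the rule array shape is assumed to follow Cloudflare's firewall rules JSON, with the listing decoded to associative arrays.

```php
<?php
declare(strict_types=1);

// Build one rule in the JSON shape of Cloudflare's firewall rules API
// (assumed to be what createFirewallRules() accepts in its rules array).
function buildRule(string $expression, string $action, string $description): array
{
    return [
        'filter'      => ['expression' => $expression, 'paused' => false],
        'action'      => $action,
        'paused'      => false,
        'description' => $description,
    ];
}

// Return the rules that still have to be created so that every POST is blocked
// except the listed paths. $existing is the rule listing as associative arrays.
function planPostAllowlist(array $existing, array $allowedPaths): array
{
    // Index what is already deployed so a repeated run creates nothing twice.
    $present = [];
    foreach ($existing as $rule) {
        $present[$rule['action'] . '|' . $rule['filter']['expression']] = true;
    }

    $wanted = [buildRule('http.request.method eq "POST"', 'block', 'Block all POST')];
    foreach ($allowedPaths as $path) {
        // Reject anything that could break out of the quoted string literal.
        if (!preg_match('#^/[A-Za-z0-9/_.-]*\z#', $path)) {
            throw new InvalidArgumentException("Unsafe path for expression: $path");
        }
        $expr = sprintf('http.request.method eq "POST" and http.request.uri.path eq "%s"', $path);
        $wanted[] = buildRule($expr, 'allow', "Allow POST $path");
    }

    return array_values(array_filter($wanted, static function (array $r) use ($present): bool {
        return !isset($present[$r['action'] . '|' . $r['filter']['expression']]);
    }));
}

// Constructed sample: the block rule already exists, as a listing would report it.
$existing = [[
    'id'     => 'RULE_ID_PLACEHOLDER',
    'action' => 'block',
    'filter' => ['id' => 'FILTER_ID_PLACEHOLDER', 'expression' => 'http.request.method eq "POST"'],
]];

foreach (planPostAllowlist($existing, ['/login', '/api/orders']) as $rule) {
    echo $rule['action'], ': ', $rule['filter']['expression'], PHP_EOL;
}
```

The returned array is what would be handed to createFirewallRules in one call; validating each path before it is interpolated keeps application route names from altering the filter expression.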