Cloudflare MCP Server

Overview Schema Related Servers Score Discussions

cloudflare-dns-mcp_list_waf_rules

Retrieve Web Application Firewall (WAF) rules for a specific zone using the Cloudflare MCP Server, enabling efficient rule management and security monitoring.

Instructions

List Web Application Firewall (WAF) rules for a zone

Input Schema

TableJSON Schema

Name	Required	Description	Default
`rule_type`	No
`zone_name`	Yes

Implementation Reference

src/tools/security.ts:33-53 (handler)

The handler function that implements the core logic of listing WAF rules: parses input, fetches zone ID, queries Cloudflare firewall/rules endpoint, and formats response as MCP content.

handler: async (params: z.infer<typeof ListWafRulesInputSchema>) => {
  const { zone_name, rule_type } = ListWafRulesInputSchema.parse(params);

  // Resolve zone ID
  const zones = await client.get<Array<{ id: string; name: string }>>('/zones', { name: zone_name });
  if (zones.length === 0) throw new Error(`Zone ${zone_name} not found`);
  const zoneId = zones[0].id;

  const query: Record<string, any> = {};
  if (rule_type) query.mode = rule_type;

  const wafRules = await client.get<Array<typeof WafRuleSchema['_type']>>(`/zones/${zoneId}/firewall/rules`, query);
  return {
    content: [
      {
        type: "text",
        text: JSON.stringify(wafRules, null, 2)
      }
    ]
  };
},

src/tools/security.ts:20-23 (schema)

Zod input schema for the tool: requires zone_name, optional rule_type.

const ListWafRulesInputSchema = z.object({
  zone_name: z.string(),
  rule_type: z.string().optional(), // Placeholder – Cloudflare uses "mode" & "action"
});

src/tools/security.ts:8-15 (schema)

Shared Zod schema for individual WafRule objects, used to type the output array items.

const WafRuleSchema = z.object({
  id: z.string(),
  description: z.string(),
  action: z.string(),
  expression: z.string(),
  paused: z.boolean(),
  priority: z.number().optional(),
});

src/tools/security.ts:184-189 (registration)

Registration of the list_waf_rules tool in the security tools map returned by getSecurityTools(client). This map is spread into the main server tools in src/index.ts.

tools: {
  'cloudflare-dns-mcp/list_waf_rules': listWafRulesTool,
  'cloudflare-dns-mcp/create_security_rule': createSecurityRuleTool,
  'cloudflare-dns-mcp/update_security_rule': updateSecurityRuleTool,
  'cloudflare-dns-mcp/delete_security_rule': deleteSecurityRuleTool,
},

src/index.ts:19-27 (registration)

Main server registration: calls getSecurityTools and spreads its tools into the aggregate allTools used for MCP server handlers.

const securityTools = getSecurityTools(cfClient);
const sslCertTools = getSslCertTools(cfClient);
const zoneTools = getZoneManagementTools(cfClient);
const echoTools = getEchoTools();
const redirectTools = getRedirectTools(cfClient);

const allTools = {
  ...dnsTools.tools,
  ...securityTools.tools,

Install Server

Other Tools

Related Tools

cloudflare-dns-mcp_create_security_rule
@jeffgolden/cloudflare_mcp
get_network_rules
@amittell/firewalla-mcp-server
list_site_rules
@purpleax/FastlyMCP
list_load_balancer_rules
@phantosmax/cloudstack-mcp-server
list_corp_rules
@purpleax/FastlyMCP
cloudflare-dns-mcp_list_page_rules
@jeffgolden/cloudflare_mcp

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jeffgolden/cloudflare_mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server