Skip to content

Edit in the dashboard

In the Cloudflare dashboard, there are two options for editing expressions:

  • Expression Builder: Allows you to create expressions using drop-down lists, emphasizing a visual approach to defining an expression.
  • Expression Editor: A text-only interface that supports advanced features, such as grouping symbols and functions for transforming and validating values.

In general, you can switch back and forth between the Expression Builder and the Expression Editor. However, the Expression Builder does not support nested expressions or the raw string syntax.

Expression Builder

The Expression Builder allows you to visually create rule expressions by using drop-down lists and entering field values to define one or multiple sub-expressions.

The Expression Builder interface used to visually define expressions

The Expression Preview displays the expression in text:

(ip.geoip.country ne "GB")

The Expression Builder will automatically escape the backslash (\) and double quote (") special characters in string literals.

Expression Editor

The Expression Editor is a text-only interface for defining rule expressions that supports the entire specification of Cloudflare’s Rules language, including parentheses as grouping symbols.

The Expression Editor used to enter advanced expressions

To access the Expression Editor, select Edit expression next to the Expression Preview:

Selecting Edit expression in the Create custom rule page to switch to the Expression Editor

To switch back from the Expression Editor to the Expression Builder, select Use expression builder.

Escape special characters

In expressions using the quoted string syntax, all backslash (\) and double quote (") characters in string literals must be escaped. The visual Expression Builder will automatically escape these special characters by prepending a backslash such that \ and " become \\ and \", respectively.

Expressions built using the Expression Builder currently use the quoted string syntax. When entering regular expressions following this syntax, you may need to perform additional escaping — refer to Quoted string syntax in the Ruleset Engine documentation for details.

To specify complex regular expressions, Cloudflare recommends that you use the Expression Editor and enter your expression using the raw string syntax, which needs less escaping.

Create nested expressions

The Expression Editor supports parentheses as grouping symbols. Use parentheses to explicitly group and nest expressions and, in turn, create highly targeted expressions.

The following rule expression will match requests from any visitor who is not from Malaysia and tries to access WordPress URI paths.

((http.request.uri.path contains "/xmlrpc.php") or (http.request.uri.path
contains "/wp-login.php") or (http.request.uri.path contains "/wp-admin/"
and not http.request.uri.path contains "/wp-admin/admin-ajax.php" and not
http.request.uri.path contains "/wp-admin/theme-editor.php")) and
ip.geoip.country ne "MY"

Only the Expression Editor supports nested expressions such as the one above. If you create a rule with nested expressions in the Expression Editor and try to switch to the Expression Builder, a dialog will warn you that the expression is not supported in the builder. You will be prompted to Discard changes and switch to the Expression Builder or Cancel and continue working in the editor.

Expression validation

Cloudflare validates all expressions before saving them, so if your expression has errors, you will receive an error message in the Cloudflare dashboard, similar to the following:

Filter parsing error (1:313): ((http.request.uri.path contains
"/xmlrpc.php") or (http.request.uri.path contains "/wp-login.php") or
(http.request.uri.path contains "/wp-admin/" and not
http.request.uri.path contains "/wp-admin/admin-ajax.php" and not
http.request.uri.path contains "/wp-admin/theme-editor.php")) and
ip.geoip.country ne "MY") ^ unrecognised input