Question About Stacking WAF rules

resource "cloudflare_ruleset" "api_rate_limiting" {
  zone_id     = local.cloudflare_zone_id
  name        = "API Rate Limiting"
  description = "Rate limiting rules for API endpoints"
  kind        = "zone"
  phase       = "http_ratelimit"

  rules {
    action      = "block"
    description = "Rate limit for create cardholder"
    expression  = "(http.request.uri.path eq \"/api/v1/some-entity\" and http.request.method eq \"POST\")"

    ratelimit {
      characteristics     = ["ip.src", "cf.colo.id"]
      period              = 60
      requests_per_period = 10
      mitigation_timeout  = 60
    }
  }
}