The rule-based network intrusion detection system (IDS) is every effective and efficient for protecting the network equipment and avoiding suffering cyberattack. However, its rule generation is a NP-hard problem, which cannot be solved well by mathematical methods. Moth Flame Optimization (MFO) is a new nature-inspired heuristic algorithm, and has successfully been utilized to solve the various complex practical engineering problems. To effectively provide the rule of IDS, an adaptive MFO algorithm with historical flame archive strategy is proposed in this paper for enhancing exploitation of MFO and avoiding dropping into local optimal trap, which is termed MFO-HFA to avoid ambiguity. In MFO-HFA, to make effectively population escape local optimal trap, the archive consists of historical optimal individuals, which is utilized to preserve the information of better historical flame. Besides, to improve the convergence ability of the algorithm, a top flame randomly matching mechanism is utilized to make full use of the information of top flame. To demonstrate the advantage of MFO-HFA, it is compared with several well-known variants of MFO and some state-of-the-art intelligence algorithms on both 25 benchmark functions of CEC 2005. The experimental results indicate that MFO-HFA outperforms other compared algorithms and has obtained best accuracy. Furthermore, MFO-HFA is used to generate the rule of IDS by NSL-KDD dataset. The test results demonstrate that MFO-HFA outperforms compared algorithms and has gained 96.5% accuracy.