• Web Application Firewall

waf
  1. Help Center
  2. Web Application Firewall
  3. API Reference
  4. APIs
  5. CC Attack Protection Rules
  6. Updating a CC Attack Protection Rule

Updating a CC Attack Protection Rule

Function Description

This API is used to update a CC attack protection rule.

URI

  • URI format

    PUT /v1/{project_id}/waf/policy/{policy_id}/cc/{ccrule_id }

  • Parameter description
    Table 1 Path parameters

    Parameter

    Mandatory

    Type

    Description

    project_id

    Yes

    String

    Specifies the project ID.

    policy_id

    Yes

    String

    Specifies the policy ID.

    ccrule_id

    Yes

    String

    Specifies the ID of a CC attack protection rule.

Request

Request parameters
Table 2 Parameter description

Parameter

Mandatory

Type

Description

url

Yes

String

Specifies the URL to which the rule applies, excluding a domain name.

limit_num

Yes

Integer

Specifies the number of requests allowed from a web visitor in a rate limiting period. The value ranges from 0 to 232.

limit_period

Yes

Integer

Specifies the rate limiting period. The value ranges from 0 seconds to 232 seconds.

lock_time

No

Integer

Specifies the lock duration. The value ranges from 0 seconds to 232 seconds.

tag_type

Yes

String

Specifies the rate limit mode.

  • ip: A web visitor is identified by the IP address.
  • cookie: A web visitor is identified by the cookie key value.
  • other: A web visitor is identified by the Referer field (user-defined request source).

tag_index

No

String

If tag_type is set to cookie, this parameter indicates cookie name.

tag_condition

No

Table 3

Specifies the Referer (customized request source) field. This field is mandatory when tag_type is set to other.

action

Yes

Table 4

Specifies the action taken when the number of requests reaches the upper limit.

Table 3 tag_condition

Parameter

Mandatory

Type

Description

category

Yes

String

Specifies the category. The value is Referer.

This parameter is mandatory when the tag_condition field is transferred.

contents

Yes

List

Specifies the category content.

The format is as follows: http://www.example.com/path.

This parameter is mandatory when the tag_condition field is transferred. Currently, only one value is accepted.

Table 4 action

Parameter

Mandatory

Type

Description

category

Yes

String

Specifies the action. The default value is block.

  • block: block the requests.
  • captcha: Verification code. The user needs to enter the correct verification code after blocking to restore the correct access page.

The default value is block.

If tag_type is set to other, this parameter value can only be block.

detail

No

Table 5

Specifies the action details. If detail is null, the default block page is displayed by default.

This parameter is not required if category is set to captcha.

This parameter is required if category is set to block.

Table 5 detail

Parameter

Mandatory

Type

Description

response

Yes

Table 6

Specifies the returned page.

Table 6 response

Parameter

Mandatory

Type

Description

content_type

Yes

String

Specifies the type of the returned page.

The options are application/json, text/html, and text/xml.

The default value is application/json.

content

Yes

String

Specifies the content of the returned page.

Response

Response parameters
Table 7 Parameter description

Parameter

Type

Description

id

String

Specifies the ID of a CC attack protection rule.

policyid

String

Specifies the policy ID.

url

String

Specifies the URL to which the rule applies, excluding a domain name.

limit_num

Integer

Specifies the number of requests allowed from a web visitor in a rate limiting period.

limit_period

Integer

Specifies the rate limiting period.

lock_time

Integer

Specifies the lock duration. The value ranges from 0 seconds to 232 seconds.

tag_type

String

Specifies the tag object type. The value can be cookie, ip, or other.

tag_index

String

If tag_type is set to cookie, index indicates cookie name.

tag_condition

Table 8

This field is valid only when tag_type is set to other.

action

Table 9

Specifies the action taken when the number of requests reaches the upper limit.

timestamp

Long

Specifies the time when a CC attack protection rule is added.

default

Boolean

Specifies whether the rule is the default CC attack protection rule.

  • true: The rule is the default CC attack protection rule created by the system when creating a domain name.
  • false: The rule is created by users.
Table 8 tag_condition

Parameter

Type

Description

category

String

Specifies the category. The value is Referer.

contents

List

Specifies the category content.

Table 9 action

Parameter

Type

Description

category

String

Specifies the action. The default value is block.

  • block: block the requests.
  • captcha: Verification code. The user needs to enter the correct verification code after blocking to restore the correct access page.

The default value is block.

If tag_type is set to other, this parameter value can only be block.

detail

Table 10

Specifies the action details. If detail is null, the default block page is displayed by default.

Table 10 detail

Parameter

Mandatory

Type

Description

response

Yes

Table 11

Specifies the returned page.

Table 11 response

Parameter

Type

Description

content_type

String

Specifies the type of the returned page.

The options are application/json, text/html, and text/xml.

content

String

Specifies the content of the returned page.

Examples

  • Request example
    {
      "url": "/abc1",
      "limit_num": 10,
      "limit_period": 60,
      "lock_time": "",
      "tag_type": "cookie",
      "tag_index": "sesssionid",
      "action": {
        "category": "block",
        "detail": {
          "response": {
            "content_type": "application/json",
            "content": "{\'error\':\'forbidden\}"
          }
        }
      }
    }
  • Response example
    {
      "id": "3a9b5c0f96784ec8abd8ba61a98064ef",
      "policyid": "9tre832yf96784ec8abd8ba61a98064ef",
      "url": "/abc1",
      "limit_num": 10,
      "limit_period": 60,
      "lock_time": "",
      "tag_type": "cookie",
      "tag_index": "sesssionid",
      "action": {
        "category": "block",
        "detail": {
          "response": {
            "content_type": "application/json",
            "content": "{\"error\":\"forbidden\"}"
          }
        }
    },
      "timestamp": 1499817600,
       "default": false
    }

Status Code

Table 12 describes the normal status code returned by the API.
Table 12 Status code

Status Code

Description

Meaning

200

OK

The request has succeeded.

For details about error status codes, see Status Codes.