Querying a Precise Protection Rule

Function Description

This API is used to query details about a precise protection rule.

URI

  • URI format

    GET /v1/{project_id}/waf/policy/{policy_id}/custom/{custom_rule_id}

  • Parameter description

    Table 1 Path parameters

    Parameter

    Mandatory

    Type

    Description

    project_id

    Yes

    String

    Specifies the project ID.

    policy_id

    Yes

    String

    Specifies the policy ID.

    custom_rule_id

    Yes

    String

    Specifies the ID of a precise protection rule.

Request

Request parameters

None

Response

Response parameters

Table 2 Parameter description

Parameter

Type

Description

id

String

Specifies the ID of a precise protection rule.

policy_id

String

Specifies the policy ID.

name

String

Specifies the rule name.

time

Boolean

Specifies the effect time of the precise protection rule.

  • false: The rule takes effect immediately.

  • true: The rule takes effect at the scheduled time.

start

Long

Specifies the time when the precise protection rule takes effect.

end

Long

Specifies the time when the precise protection rule expires.

conditions

Table 3

Specifies the condition parameters.

action

Table 4

Specifies the protective action after the precise protection rule is matched.

priority

Integer

Specifies the priority of a rule being executed. Smaller values correspond to higher priorities. If two rules are assigned with the same priority, the rule added earlier has higher priority. The value ranges from 0 to 65535.

timestamp

Long

Specifies the time when a precise protection rule is added.

Table 3 conditions

Parameter

Type

Description

category

String

Specifies the condition type. The value can be path, user-agent, ip, params, cookie, referer, or header.

index

String

  • If category is set to cookie, index indicates cookie name.

  • If category is set to params, index indicates param name.

  • If category is set to header, index indicates an option in the header.

logic

String

contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix indicate Include, Exclude, Equal to, Not equal to, Prefix is, Prefix is not, Suffix is, and Suffix is not respectively.

If category is set to ip, logic can only be equal or not_equal.

contents

List

Specifies content matching the condition.

Table 4 action

Parameter

Type

Description

category

String

Specifies the protective action.

  • block: block.

  • pass: allow.

Example

Rule ID 7374ad99c6c448e9a9ca35cb46660a39 is used as an example.

Response example

{
      "id": "7374ad99c6c448e9a9ca35cb46660a39",
      "policy_id": "9tre832yf96784ec8abd8ba61a98064ef",
      "name": "rule1",
      "time": true,
      "start": 1499817600,
      "end": 1567817600,
      "conditions": [{
          "category ": "path",
          "contents": ["/login"],
          "logic": "contain"
        },{
          "category": "ip",
          "logic": "equal",
          "contents": ["X.X.1.1"]
        }, {
          "category": "referer",
          "logic": "prefix",
          "contents": ["https://www.waf.com/xxx"]
        }, {
          "category": "user-agent",
          "logic": "contain",
          "contents": ["Mozilla/5.0"]
        }, {
          "category": "cookie",
          "index": "SID",
          "logic": 3,
          "contents": ["234SDFASR4R32412FSR325S"]
        }, {
          "category": "header",
          "index": "x-language",
          "logic": "equal",
          "contents": ["en-us"]
        }, {
          "category": "params",
          "index": "name",
          "logic": "equal",
          "contents": ["abc"]
        }
      ],
      "action": {
        "category": "block"
      },
     "priority": 10,
     "timestamp": 1499817600
}

Status Code

Table 5 describes the normal status code returned by the API.

Table 5 Status code

Status Code

Description

Meaning

200

OK

The request has succeeded.

For details about error status codes, see Status Codes.