• Web Application Firewall

waf
  1. Help Center
  2. Web Application Firewall
  3. API Reference
  4. APIs
  5. Precise Protection Rules
  6. Updating a Precise Protection Rule

Updating a Precise Protection Rule

Function Description

This API is used to update a precise protection rule.

URI

  • URI format

    PUT /v1/{project_id}/waf/policy/{policy_id}/custom/{custom_rule_id}

  • Parameter description
    Table 1 Path parameters

    Parameter

    Mandatory

    Type

    Description

    project_id

    Yes

    String

    Specifies the project ID.

    policy_id

    Yes

    String

    Specifies the policy ID.

    custom_rule_id

    Yes

    String

    Specifies the ID of a precise protection rule.

Request

Request parameters
Table 2 Parameter description

Parameter

Mandatory

Type

Description

name

Yes

String

Specifies the rule name.

time

No

Boolean

Specifies the effect time of the precise protection rule.

  • false: The rule takes effect immediately.
  • true: The rule takes effect at the scheduled time.

start

No

Long

Specifies the time when the precise protection rule takes effect. If time is set to true, either the start time or the end time must be set.

end

No

Long

Specifies the time when the precise protection rule expires. If time is set to true, either the start time or the end time must be set.

conditions

Yes

Table 3

Specifies the condition parameters.

action

Yes

Table 4

Specifies the protective action after the precise protection rule is matched.

priority

No

Integer

Specifies the rule priority. The value ranges from 0 to 65535. The default value is 50. Smaller values correspond to higher priorities.

Table 3 conditions

Parameter

Mandatory

Type

Description

category

Yes

String

Specifies the condition type. The value can be url, user-agent, ip, params, cookie, referer, or header.

index

No

String

  • If category is set to cookie, index indicates cookie name.
  • If category is set to params, index indicates param name.
  • If category is set to header, index indicates an option in the header.

logic

Yes

Integer

1, 2, 3, 4, 5, 6, 7, and 8 indicate include, exclude, equal to, not equal to, prefix is, prefix is not, suffix is, and suffix is not, respectively.

If category is set to ip, logic can only be 3 or 4.

contents

Yes

List

Specifies content matching the condition. Currently, only one value is accepted.

Table 4 action

Parameter

Mandatory

Type

Description

category

Yes

String

Specifies the protective action.

  • block: block.
  • pass: allow.

Response

Response parameters
Table 5 Parameter description

Parameter

Type

Description

id

String

Specifies the ID of a precise protection rule.

policyid

String

Specifies the policy ID.

name

String

Specifies the rule name.

time

Boolean

Specifies the effect time of the precise protection rule.

  • false: The rule takes effect immediately.
  • true: The rule takes effect at the scheduled time.

start

Long

Specifies the time when the precise protection rule takes effect.

end

Long

Specifies the time when the precise protection rule expires.

conditions

Table 6

Specifies the condition parameters.

action

Table 7

Specifies the protective action after the precise protection rule is matched.

priority

Integer

Specifies the priority of a rule being executed. Smaller values correspond to higher priorities. If two rules are assigned with the same priority, the rule added earlier has higher priority. The value ranges from 0 to 65535.

timestamp

Long

Specifies the time when a precise protection rule is added.

Table 6 conditions

Parameter

Type

Description

category

String

Specifies the condition type. The value can be url, user-agent, ip, params, cookie, referer, or header.

index

String

  • If category is set to cookie, index indicates cookie name.
  • If category is set to params, index indicates param name.
  • If category is set to header, index indicates an option in the header.

logic

Integer

1, 2, 3, 4, 5, 6, 7, and 8 indicate include, exclude, equal to, not equal to, prefix is, prefix is not, suffix is, and suffix is not, respectively.

If category is set to ip, logic can only be 3 or 4.

contents

List

Specifies content matching the condition.

Table 7 action

Parameter

Type

Description

category

String

Specifies the protective action.

  • block: block.
  • pass: allow.

Examples

A rule named rule1 is used as an example.

  • Request example
    {
          "name": "rule1",
          "time": true,
          "start": 1499817600,
          "end": 1567817600,
          "conditions": [{
              "category": "url",
              "contents": ["/login"],
              "logic": 1
            },{
              "category": "ip",
               "logic": 3,
               "contents": ["192.168.1.1"]
            }
          ],
          "action": {
            "category": "block"
          },
         "priority": 10
    }
  • Response example
    {
          "id": "7374ad99c6c448e9a9ca35cb46660a39",
          "policyid": "9tre832yf96784ec8abd8ba61a98064ef",
          "name": "rule1",
          "time": true,
          "start": 1499817600,
          "end": 1567817600,
          "conditions": [{
              "category": "url",
              "contents": ["/login"],
              "logic": 1
            },{
              "category": "ip",
               "logic": 3,
               "contents": ["192.168.1.1"]
            }
          ],
          "action": {
            "category": "block"
          },
         
         "priority": 10,
         "timestamp": 1499817600
    }

Status Code

Table 8 describes the normal status code returned by the API.
Table 8 Status code

Status Code

Description

Meaning

200

OK

The request has succeeded.

For details about error status codes, see Status Codes.