Creating a Precise Protection Rule¶
Function¶
This API is used to create a precise protection rule.
URI¶
POST /v1/{project_id}/waf/policy/{policy_id}/custom
Parameter | Mandatory | Type | Description |
---|---|---|---|
project_id | Yes | String | Project ID |
policy_id | Yes | String | Policy ID. It can be obtained by calling the ListPolicy API. |
Request Parameters¶
Parameter | Mandatory | Type | Description |
---|---|---|---|
X-Auth-Token | Yes | String | auth token |
Content-Type | Yes | String | Content type. Default: application/json;charset=utf8 |
Parameter | Mandatory | Type | Description |
---|---|---|---|
time | Yes | Boolean | Time the precise protection rule takes effect.
|
start | No | Long | Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true. |
terminal | No | Long | Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true. |
description | No | String | Rule description |
conditions | No | Array of CustomConditions objects | Match condition List |
action | Yes | CustomAction object | Protective action of the precise protection rule. |
priority | Yes | Integer | Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority, the rule added earlier has higher priority. Value range: 0 to 1000. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
category | No | String | Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request. Enumeration values:
|
index | No | String | Subfield
|
logic_operation | No | String | Logic for matching the condition.
Enumeration values:
|
contents | No | Array of strings | Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all. |
value_list_id | No | String | Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
category | Yes | String | Operation type
Enumeration values:
|
followed_action_id | No | String | ID of a known attack source rule. This parameter can be configured only when category is set to block. |
Response Parameters¶
Status code: 200
Parameter | Type | Description |
---|---|---|
id | String | Rule ID. |
policyid | String | Policy ID. |
description | String | Rule description |
status | Integer | Rule status. The value can be 0 or 1.
|
conditions | Array of conditions objects | List of matching conditions. All conditions must be met. |
action | CustomAction object | Protective action of the precise protection rule. |
priority | Integer | Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority, the rule added earlier has higher priority. Value range: 0 to 1000. |
timestamp | Long | Timestamp when the precise protection rule is created. |
start | Long | Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true. |
terminal | Long | Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true. |
action_mode | Boolean | This parameter is reserved and can be ignored currently. |
aging_time | Integer | Rule aging time. This parameter is reserved and can be ignored currently. |
producer | Integer | Rule creation object. This parameter is reserved and can be ignored currently. |
Parameter | Type | Description |
---|---|---|
category | String | Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request. Enumeration values:
|
index | String | Subfield
|
logic_operation | String | Logic for matching the condition. Enumeration values:
|
contents | Array of strings | Content of the conditions. |
value_list_id | String | Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is available only when a reference table is used when a protection rule is created. |
Parameter | Type | Description |
---|---|---|
category | String | Operation type
Enumeration values:
|
followed_action_id | String | ID of a known attack source rule. This parameter can be configured only when category is set to block. |
Status code: 400
Parameter | Type | Description |
---|---|---|
error_code | String | Error code |
error_msg | String | Error message |
Status code: 401
Parameter | Type | Description |
---|---|---|
error_code | String | Error code |
error_msg | String | Error message |
Status code: 500
Parameter | Type | Description |
---|---|---|
error_code | String | Error code |
error_msg | String | Error message |
Example Requests¶
POST https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom?enterprise_project_id=0
{
"action" : {
"category" : "block"
},
"time" : false,
"priority" : 50,
"description" : "",
"conditions" : [ {
"category" : "url",
"logic_operation" : "contain",
"index" : null,
"contents" : [ "test" ]
} ]
}
Example Responses¶
Status code: 200
Request succeeded.
{
"id" : "88e8bf4158324b2d9a233e7ffb95516d",
"policyid" : "dde63c25e8394b21b16a2a49a99e659b",
"timestamp" : 1678799936830,
"description" : "",
"status" : 1,
"time" : false,
"priority" : 50,
"action_mode" : false,
"conditions" : [ {
"category" : "url",
"contents" : [ "test" ],
"logic_operation" : "contain"
} ],
"action" : {
"category" : "block"
},
"producer" : 1,
"aging_time" : 0
}
Status Codes¶
Status Code | Description |
---|---|
200 | Request succeeded. |
400 | Request failed. |
401 | The token does not have required permissions. |
500 | Internal server error. |
Error Codes¶
See Error Codes.