Querying CC Attack Protection Rules¶
Function¶
This API is used to query the list of CC attack protection rules.
URI¶
GET /v1/{project_id}/waf/policy/{policy_id}/cc
Parameter | Mandatory | Type | Description |
---|---|---|---|
project_id | Yes | String | Project ID |
policy_id | Yes | String | Policy ID. It can be obtained by calling the ListPolicy API. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
page | No | Integer | Page number. Default: 1 |
pagesize | No | Integer | Number of records on each page. The maximum value is 2147483647. |
Request Parameters¶
Parameter | Mandatory | Type | Description |
---|---|---|---|
X-Auth-Token | Yes | String | User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header). |
Content-Type | No | String | Content type. Default value: application/json;charset=utf8 Default: application/json;charset=utf8 |
Response Parameters¶
Status code: 200
Parameter | Type | Description |
---|---|---|
total | Integer | Number of rules in the policy |
items | Array of CcrulesListInfo objects | Array of Cc rules |
Parameter | Type | Description |
---|---|---|
id | String | Rule ID. |
policyid | String | Policy ID. |
url | String | When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
|
prefix | Boolean | Whether a prefix is used for the path. If the protected URL ends with an asterisk ( |
mode | Integer | Mode.
|
status | Integer | Rule status. The value can be 0 or 1.
|
conditions | Array of CcCondition objects | Rate limit conditions of the CC protection rule. This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1). |
action | action object | Protection action to take if the number of requests reaches the upper limit. |
tag_type | String | Rate limit mode.
Enumeration values:
|
tag_index | String | User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
|
tag_condition | tag_condition object | User tag. This parameter is mandatory when the rate limit mode is set to other. -other: A website visitor is identified by the Referer field (user-defined request source). |
limit_num | Integer | Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647. |
limit_period | Integer | Rate limit period, in seconds. The value ranges from 1 to 3,600. |
unlock_num | Integer | Allowable frequency based on the number of requests. The value ranges from 0 to 2,147,483,647. This parameter is required only when the protection action type is dynamic_block. |
lock_time | Integer | Block duration, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed. |
description | String | Rule description |
total_num | Integer | This parameter is reserved and can be ignored currently. |
unaggregation | Boolean | This parameter is reserved and can be ignored currently. |
aging_time | Integer | Rule aging time. This parameter is reserved and can be ignored currently. |
producer | Integer | Rule creation object. This parameter is reserved and can be ignored currently. |
timestamp | Long | Time the rule is created. |
Parameter | Type | Description |
---|---|---|
category | String | Field type. The value can be url, ip, params, cookie, or header. Enumeration values:
|
logic_operation | String | Logic for matching the condition.
Enumeration values:
|
contents | Array of strings | Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all. |
value_list_id | String | Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type. |
index | String | Subfield. When category is set to params, cookie, or header, set this parameter based on site requirements. This parameter is mandatory. |
Parameter | Type | Description |
---|---|---|
category | String | Action type:
Enumeration values:
|
detail | detail object | Block page information. When protection action category is set to block or dynamic_block, you need to set the returned block page.
|
Parameter | Type | Description |
---|---|---|
content_type | String | Content type. The value can only be application/json, text/html, or text/xml. Enumeration values:
|
content | String | Block page information. |
Parameter | Type | Description |
---|---|---|
category | String | User identifier. The value is fixed at referer. |
contents | Array of strings | Content of the user identifier field. |
Status code: 400
Parameter | Type | Description |
---|---|---|
error_code | String | Error code |
error_msg | String | Error message |
Status code: 401
Parameter | Type | Description |
---|---|---|
error_code | String | Error code |
error_msg | String | Error message |
Status code: 500
Parameter | Type | Description |
---|---|---|
error_code | String | Error code |
error_msg | String | Error message |
Example Requests¶
GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/cc?
{
"description" : "",
"tag_type" : "ip",
"limit_num" : 10,
"limit_period" : 1,
"action" : {
"category" : "captcha"
},
"mode" : 0,
"url" : "/demo"
}
Example Responses¶
Status code: 200
Request succeeded.
{
"total" : 1,
"items" : [ {
"description" : "",
"id" : "a5f3fd28db564696b199228f0ac346b2",
"limit_num" : 10,
"limit_period" : 60,
"lock_time" : 0,
"mode" : 0,
"policyid" : "1f016cde588646aca3fb19f277c44d03",
"prefix" : false,
"status" : 1,
"tag_type" : "ip",
"timestamp" : 1656494435686,
"total_num" : 0,
"unaggregation" : false,
"url" : "/path",
"action" : {
"category" : "captcha"
}
} ]
}
Status Codes¶
Status Code | Description |
---|---|
200 | Request succeeded. |
400 | Request failed. |
401 | The token does not have required permissions. |
500 | Internal server error. |
Error Codes¶
See Error Codes.