Adding a CC Attack Protection Rule¶
Function Description¶
This API is used to add a CC attack protection rule.
URI¶
URI format
POST /v1/{project_id}/waf/policy/{policy_id}/cc
Parameter description
¶ Parameter
Mandatory
Type
Description
project_id
Yes
String
Specifies the project ID.
policy_id
Yes
String
Specifies the policy ID.
Request¶
Request parameters
Parameter | Mandatory | Type | Description |
---|---|---|---|
path | Yes | String | Specifies the URL to which the rule applies, excluding a domain name.
|
limit_num | No | Integer | Specifies the number of requests allowed from a web visitor in a rate limiting period. Value range: (0, 232). The default value is 1. |
limit_period | No | Integer | Specifies the rate limiting period. Value range: (0, 232), in seconds. The default value is 1. |
lock_time | No | Integer | Specifies the lock duration. The value ranges from 0 seconds to 232 seconds. |
tag_type | Yes | String | Specifies the rate limit mode.
|
tag_index | No | String | If tag_type is set to cookie, this parameter indicates cookie name. |
tag_condition | No | Specifies the Referer (customized request source) field. This field is mandatory when tag_type is set to other. | |
action | Yes | Specifies the action taken when the number of requests reaches the upper limit. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
category | Yes | String | Specifies the category. The value is Referer. This parameter is mandatory when the tag_condition field is transferred. |
contents | Yes | List | Specifies the category content. The format is as follows: http://www.example.com/path. This parameter is mandatory when the tag_condition field is transferred. Currently, only one value is accepted. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
category | Yes | String | Specifies the action. The default value is block.
The default value is block. If tag_type is set to other, this parameter value can only be block. |
detail | No | Specifies the action details. If detail is null, the default block page is displayed by default. This parameter is not required if category is set to captcha. This parameter is required if category is set to block. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
content_type | Yes | String | Specifies the type of the returned page. The options are application/json, text/html, and text/xml. The default value is application/json. |
content | Yes | String | Specifies the content of the returned page. |
Response¶
Response parameters
Parameter | Type | Description |
---|---|---|
id | String | Specifies the ID of a CC attack protection rule. |
policy_id | String | Specifies the policy ID. |
path | String | Specifies the URL to which the rule applies. |
limit_num | Integer | Specifies the number of requests allowed from a web visitor in a rate limiting period. |
limit_period | Integer | Specifies the rate limiting period. |
lock_time | Integer | Specifies the lock duration. The value ranges from 0 seconds to 232 seconds. |
tag_type | String | Specifies the rate limit mode.
|
tag_index | String | If tag_type is set to cookie, this parameter indicates cookie name. |
tag_condition | Specifies the Referer (customized request source) field. This field is returned when tag_type is set to other. | |
action | Specifies the action taken when the number of requests reaches the upper limit. | |
timestamp | Long | Specifies the time when a CC attack protection rule is added. |
default | Boolean | Specifies whether the rule is the default CC attack protection rule.
|
Parameter | Type | Description |
---|---|---|
category | String | Specifies the category. The value is Referer. |
contents | List | Specifies the category content. |
Parameter | Type | Description |
---|---|---|
category | String | Specifies the action. The default value is block.
The default value is block. If tag_type is set to other, this parameter value can only be block. |
detail | Specifies the action details. If detail is null, the default block page is displayed by default. |
Parameter | Type | Description |
---|---|---|
content_type | String | Specifies the type of the returned page. The options are application/json, text/html, and text/xml. |
content | String | Specifies the content of the returned page. |
Examples¶
Request example
{ "path": "/abc1", "limit_num": 10, "limit_period": 60, "lock_time": 10, "tag_type": "cookie", "tag_index": "sesssionid", "action": { "category": "block", "detail": { "response": { "content_type": "application/json", "content": "{\"error\":\"forbidden\"}" } } } }
Response example
{ "id": "3a9b5c0f96784ec8abd8ba61a98064ef", "policy_id": "9tre832yf96784ec8abd8ba61a98064ef", "path": "/abc1", "limit_num": 10, "limit_period": 60, "lock_time": 10, "tag_type": "cookie", "tag_index": "sesssionid", "action": { "category": "block", "detail": { "response": { "content_type": "application/json", "content": "{\"error\":\"forbidden\"}" } } }, "timestamp": 1499817600, "default": false }
Status Code¶
Table 12 describes the normal status code returned by the API.
Status Code | Description | Meaning |
---|---|---|
200 | OK | The request has succeeded. |
For details about error status codes, see Status Codes.