Querying Precise Protection Rules¶
Function Description¶
This API is used to query all precise protection rules in a policy.
URI¶
URI format
GET /v1/{project_id}/waf/policy/{policy_id}/custom?offset={offset}&limit={limit}
Parameter description
Table 1 Path parameters¶ Parameter
Mandatory
Type
Description
project_id
Yes
String
Specifies the project ID.
policy_id
Yes
String
Specifies the policy ID.
offset
No
Long
Specifies the number of returned pages. Its value ranges from 0 to 65535. The default value is 0.
limit
No
Long
Specifies the maximum number of records displayed on each page. Its value ranges from 0 to 50. The default value is 10.
Request¶
Request parameters
None
Response¶
Response parameters
Parameter | Type | Description |
|---|---|---|
total | Integer | Specifies the total number of precise protection rules in a policy. |
items | Specifies the precise protection rule objects. |
Parameter | Type | Description |
|---|---|---|
id | String | Specifies the ID of a precise protection rule. |
policy_id | String | Specifies the policy ID. |
name | String | Specifies the rule name. |
conditions | Specifies the condition parameters. If there are multiple conditions, the conditions must be met at the same time. | |
action | Specifies the protective action after the precise protection rule is matched. | |
time | Boolean | Specifies the effect time of the precise protection rule.
|
start | Long | Specifies the time when the precise protection rule takes effect. This parameter is returned only when time is true. |
end | Long | Specifies the time when the precise protection rule expires. This parameter is returned only when time is true. |
priority | Integer | Specifies the priority of a rule being executed. Smaller values correspond to higher priorities. If two rules are assigned with the same priority, the rule added earlier has higher priority. The value ranges from 0 to 65535. |
timestamp | Long | Specifies the time when a precise protection rule is added. |
Parameter | Type | Description |
|---|---|---|
category | String | Specifies the condition type. The value can be path, user-agent, ip, params, cookie, referer, or header. |
index | String |
|
logic | String | contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix indicate Include, Exclude, Equal to, Not equal to, Prefix is, Prefix is not, Suffix is, and Suffix is not respectively. If category is set to ip, logic can only be equal or not_equal. |
contents | List | Specifies content matching the condition. |
Parameter | Type | Description |
|---|---|---|
category | String | Specifies the protective action.
|
Example¶
total with a value of 2 is used as an example.
Response example
{
"total": 2,
"items": [{
"id": "7374ad99c6c448e9a9ca35cb46660a39",
"policy_id": "9tre832yf96784ec8abd8ba61a98064ef",
"name": "rule1",
"time": true,
"start": 1499817600,
"end": 1567817600,
"conditions": [{
"category": "path",
"contents": ["/login"],
"logic": "containi"
},{
"category": "ip",
"logic": "equal",
"contents": ["X.X.1.1"]
}
],
"action": {
"category": "block"
},
"priority": 1,
"timestamp": 1499817600
}, {
"id": "7374ad99c6c448e9a9ca35cb46660a39",
"policy_id": "9tre832yf96784ec8abd8ba61a98064ef",
"name": "rule2",
"time": false,
"conditions": [{
"category": "path",
"contents": ["/login"],
"logic": "contain"
},{
"category": "ip",
"logic": "equal",
"contents": ["X.X.1.1"]
}
],
"action": {
"category": "block"
},
"priority": 1,
"timestamp": 1499817600
}
]
}
Status Code¶
Table 6 describes the normal status code returned by the API.
Status Code | Description | Meaning |
|---|---|---|
200 | OK | The request has succeeded. |
For details about error status codes, see Status Codes.