This API is used to create an infroamtion leakage protection rule.
+This API is used to create an information leakage prevention rule.
POST /v1/{project_id}/waf/policy/{policy_id}/antileakage
@@ -98,7 +98,7 @@Sensitive information type in the information leakage prevention rule.
sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.
-code: The rule blocks response pages of specified HTTP response code.
+code: The rule blocks returned pages of specified HTTP response code.
Enumeration values:
code
@@ -112,8 +112,8 @@Array of strings
Content corresponding to the sensitive information type. Multiple options can be set.
-When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
+Content corresponding to the sensitive information type. Multiple options can be selected.
+When the value of category is code, the returned pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
When category is set to sensitive, parameters phone, id_card, and email can be set.
String
Description
+Rule description.
String
Rule ID
+Rule ID.
url
@@ -161,7 +161,7 @@Sensitive information type in the information leakage prevention rule.
sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.
-code: The rule blocks response pages of specified HTTP response code.
+code: The rule blocks returned pages of specified HTTP response code.
Enumeration values:
code
@@ -173,8 +173,8 @@Array of strings
Content corresponding to the sensitive information type. Multiple options can be set.
-When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
+Content corresponding to the sensitive information type. Multiple options can be selected.
+When the value of category is code, the returned pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
When category is set to sensitive, parameters phone, id_card, and email can be set.
Long
Timestamp the rule is created.
+Timestamp the rule was created.
description
diff --git a/docs/wafd/api-ref/CreateCcRule.html b/docs/wafd/api-ref/CreateCcRule.html index f4c837c6..cc4920f7 100644 --- a/docs/wafd/api-ref/CreateCcRule.html +++ b/docs/wafd/api-ref/CreateCcRule.html @@ -112,7 +112,7 @@Array of CcCondition objects
Rate limit conditions of the CC protection rule. This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1).
+Rate limit conditions of the CC attack protection rule. This parameter is mandatory when the CC attack protection rule is in advanced mode (i.e. the value of mode is 1).
action
@@ -150,7 +150,7 @@String
User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
+User tag. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.
header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.
tag_condition object
User tag. This parameter is mandatory when the rate limit mode is set to other. -other: A website visitor is identified by the Referer field (user-defined request source).
+User tag. This parameter is mandatory when the rate limit mode is set to other. - other: A website visitor is identified by the Referer field (user-defined request source).
limit_num
@@ -198,7 +198,7 @@Integer
Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.
+Block during, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed.
description
@@ -207,7 +207,7 @@String
Rule description
+Rule description.
String
Field type. The value can be url, ip, params, cookie, or header.
+Field type. The value can be url, ip, params, cookie, or header.
Enumeration values:
url
ip
@@ -325,7 +325,7 @@String
Action type:
-captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.
+captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.
block: WAF blocks the requests. When tag_type is set to other, the value can only be block.
log: WAF logs the event only.
dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.
@@ -370,7 +370,7 @@response object
Returned page.
+Returned page
String
When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
+When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
Prefix match: A path ending with * indicates that the path is used as a prefix. For example, to protect /admin/test.php or /adminabc, you can set Path to /admin*.
Exact match: The path you enter must exactly match the path you want to protect. If the path you want to protect is /admin, set url to /admin.
Array of CcCondition objects
Rate limit conditions of the CC protection rule. This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1).
+Rate limit conditions of the CC attack protection rule. This parameter is mandatory when the CC attack protection rule is in advanced mode (i.e. the value of mode is 1).
action
@@ -542,7 +542,7 @@String
User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
+User tag. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.
header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.
tag_condition object
User tag. This parameter is mandatory when the rate limit mode is set to other. -other: A website visitor is identified by the Referer field (user-defined request source).
+User tag. This parameter is mandatory when the rate limit mode is set to other. - other: A website visitor is identified by the Referer field (user-defined request source).
limit_num
@@ -580,14 +580,14 @@Integer
Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.
+Block during, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed.
description
String
Rule description
+Rule description.
total_num
@@ -622,7 +622,7 @@Long
Timestamp the rule is created.
+Timestamp the rule was created.
String
Field type. The value can be url, ip, params, cookie, or header.
+Field type. The value can be url, ip, params, cookie, or header.
Enumeration values:
url
ip
@@ -724,7 +724,7 @@String
Action type:
-captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.
+captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.
block: WAF blocks the requests. When tag_type is set to other, the value can only be block.
log: WAF logs the event only.
dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.
diff --git a/docs/wafd/api-ref/CreateCertificate.html b/docs/wafd/api-ref/CreateCertificate.html index 902f135b..ca456675 100644 --- a/docs/wafd/api-ref/CreateCertificate.html +++ b/docs/wafd/api-ref/CreateCertificate.html @@ -78,7 +78,7 @@String
Certificate name. The value can contain a maximum of 64 characters. Only digits, letters, hyphens (-), underscores (_), and periods (.) are allowed.
+Certificate name. Only digits, letters, hyphens (-), underscores (_), and periods (.) are allowed. The value can contain a maximum of 256 characters.
content
@@ -131,7 +131,7 @@Long
Timestamp when the certificate expires
+Timestamp when the certificate expires (unit: ms).
timestamp
@@ -141,6 +141,13 @@Timestamp when the certificate is uploaded
cert_type
+String
+Certificate type. This parameter is redundant and can be ignored.
+This API is used to create a precise protection rule.
+This API is used to add a precise protection rule.
POST /v1/{project_id}/waf/policy/{policy_id}/custom
@@ -117,7 +117,7 @@String
Rule description
+Rule description.
conditions
@@ -188,7 +188,7 @@String
Subfield
+Subfield:
When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.
When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
String
Rule description
+Rule description.
status
@@ -435,7 +435,7 @@String
Subfield
+Subfield:
When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.
When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
String
Field type. The value can be url, ip, params, cookie, or header.
+Field type. The value can be url, ip, params, cookie, or header.
Enumeration values:
url
ip
diff --git a/docs/wafd/api-ref/CreateInstance.html b/docs/wafd/api-ref/CreateInstance.html index 4e697a07..fb94dd4e 100644 --- a/docs/wafd/api-ref/CreateInstance.html +++ b/docs/wafd/api-ref/CreateInstance.html @@ -116,7 +116,7 @@Specifications of the dedicated engine version. The value can be waf.instance.enterprise or waf.instance.professional.
waf.instance.professional: WI-100. Performance: 100 Mbit/s of throughput and 2,000 QPS.
-waf.instance.enterprise: WI-100. Performance: 500 Mbit/s of throughput and 10,000 QPS.
+waf.instance.enterprise: WI-500. Performance: 500 Mbit/s of throughput and 10,000 QPS.
Enumeration values:
waf.instance.professional
@@ -130,7 +130,7 @@String
ID of the specifications of the ECS hosting the dedicated engine. You can go to the management console and confirm supported specifications.
+ECS specifications and the dedicated WAF instance specifications. You can view details about the supported specifications on the WAF console.
vpc_id
@@ -175,7 +175,7 @@Boolean
Whether to create a dedicated engine instance of the network interface type. Its value has to be true.
+Whether the dedicated WAF instance is network interface type. The value is fixed at Network Interface.
Network Interface: Your WAF instance will be connected to your network via a VPC. (If ELB is used, only dedicated load balancers can be used.)
Enumeration values:
@@ -183,6 +183,15 @@ipv6_enable
+No
+Boolean
+Use of IPv6 addresses. If IPv6 address is enabled, the system assigns an IPv6 address to the dedicated instance.
+String
id
+the id of dedicated WAF engines.
name
String
Name
+the name of dedicated WAF engines.
Status code: 200
diff --git a/docs/wafd/api-ref/CreatePolicy.html b/docs/wafd/api-ref/CreatePolicy.html index 8e6e8c9b..588d4add 100644 --- a/docs/wafd/api-ref/CreatePolicy.html +++ b/docs/wafd/api-ref/CreatePolicy.html @@ -176,7 +176,7 @@ModulexOptions object
Whether to enable intelligent CC protection. This parameter is reserved and can be ignored currently.
+Whether to enabling intelligent CC protection. This parameter is reserved and can be ignored currently.
timestamp
@@ -228,7 +228,7 @@Boolean
Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enabled any of these checks, keep this parameter enabled first. The value can be:
+Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enable any of these checks, keep this parameter enabled first. The value can be:
true: enabled
false: disabled
Boolean
JavaScript anti-crawler function.
+Whether to enable the JavaScript anti-crawler function.
true: Enabled
false: Disabled
Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.
If deep_decode is set to true, the Deep Inspection is enabled.
If check_all_headers is set to true, the Header Inspection is enabled.
-If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.
+If deep_decode and check_all_headers are set to true, the Deep Inspection and Header Inspection are disabled.
String
Protection mode of the global rate limiting function.
-log: WAF logs the event only.
-block: WAF blocks requests.
+Protection mode of the global rate limiting function. WAF logs the event only.
+block: WAF blocks requests.
Enumeration values:
log
@@ -583,8 +582,7 @@String
Management mode of the intelligent precise protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -596,8 +594,7 @@String
Aging mode of the intelligent precise protection.
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+auto: Automatic
Enumeration values:
auto
@@ -640,8 +637,7 @@String
Management mode of the intelligent CC attack protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -652,9 +648,8 @@String
Aging mode of the intelligent CC attack protection..
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+Aging mode of the intelligent CC attack protection.
+auto: Automatic
Enumeration values:
auto
diff --git a/docs/wafd/api-ref/CreatePremiumHost.html b/docs/wafd/api-ref/CreatePremiumHost.html index 11c6c719..f801e250 100644 --- a/docs/wafd/api-ref/CreatePremiumHost.html +++ b/docs/wafd/api-ref/CreatePremiumHost.html @@ -101,7 +101,7 @@proxy
Yes
+No
Boolean
server
Yes
+No
Array of PremiumWafServer objects
Server configuration in dedicated mode
+Server configuration in dedicated mode.
web_tag
@@ -474,7 +474,7 @@String
Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Template type. The value can be:
-default: The default block page is returned when a request is blocked.
-custom: Your custom block page is returned when a request is blocked.
-redirect: The request is redirected to the URL you specify.
+Template type, the value can be:
+default: The default block page.
+custom: Your custom block page is returned when a request is blocked. The request is redirected to the URL you specify.
CustomPage object
Custom alarm page
+Custom alarm page.
redirect_url
String
Redirection URL
+Redirect URL. The root domain name of the redirection address must be the name of the currently protected domain (including a wildcard domain name).${http_host} can be used to indicate the currently protected domain name and port, for example, ${http_host}/error.html.
String
Content type of alarm page
+Content type of alarm page.
content
String
Page content
+Page content.
This API is used to create a known attack source rule.
+Creating a Known Attack Source Rule
POST /v1/{project_id}/waf/policy/{policy_id}/punishment
@@ -87,7 +87,7 @@String
Type of the know attack source rule.
+Type of the known attack source rule.
Enumeration values:
long_ip_block
long_cookie_block
@@ -113,7 +113,7 @@String
Description
+Rule description.
String
Rule ID
+Rule ID.
policyid
String
Policy ID
+Policy ID.
block_time
@@ -155,21 +155,21 @@String
Type of the know attack source rule.
+Type of the known attack source rule.
description
String
Description
+Rule description.
timestamp
Long
Timestamp the rule is created.
+Timestamp the rule was created.
Array of strings
Value of the reference table
+The contents of condition matching of the rules, such as CC Attack Protection Rule or Precise Protection Rule.
Array of strings
Value of the reference table
+The contents of condition matching of the rules, such as CC Attack Protection Rule or Precise Protection Rule.
description
String
Reference table description
+Reference table description.
producer
diff --git a/docs/wafd/api-ref/DeleteAntileakageRule.html b/docs/wafd/api-ref/DeleteAntileakageRule.html index 32017495..44437fd3 100644 --- a/docs/wafd/api-ref/DeleteAntileakageRule.html +++ b/docs/wafd/api-ref/DeleteAntileakageRule.html @@ -94,7 +94,7 @@String
Rule ID
+Rule ID.
url
@@ -110,7 +110,7 @@Sensitive information type in the information leakage prevention rule.
sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.
-code: The rule blocks response pages of specified HTTP response code.
+code: The rule blocks returned pages of specified HTTP response code.
Enumeration values:
code
@@ -122,8 +122,8 @@Array of strings
Content corresponding to the sensitive information type. Multiple options can be set.
-When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
+Content corresponding to the sensitive information type. Multiple options can be selected.
+When the value of category is code, the returned pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
When category is set to sensitive, parameters phone, id_card, and email can be set.
Long
Timestamp the rule is created.
+Timestamp the rule was created.
description
diff --git a/docs/wafd/api-ref/DeleteCcRule.html b/docs/wafd/api-ref/DeleteCcRule.html index cb5cb359..a9fdf1e6 100644 --- a/docs/wafd/api-ref/DeleteCcRule.html +++ b/docs/wafd/api-ref/DeleteCcRule.html @@ -108,7 +108,7 @@String
When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
+When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
Prefix match: A path ending with * indicates that the path is used as a prefix. For example, to protect /admin/test.php or /adminabc, you can set Path to /admin*.
Exact match: The path you enter must exactly match the path you want to protect. If the path you want to protect is /admin, set url to /admin.
String
User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
+User tag. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.
header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.
Integer
Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.
+Block during, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed.
description
String
Rule description
+Rule description.
total_num
@@ -256,7 +256,7 @@Long
Time the rule is created.
+Timestamp the rule was created.
String
Field type. The value can be url, ip, params, cookie, or header.
+Field type. The value can be url, ip, params, cookie, or header.
Enumeration values:
url
ip
diff --git a/docs/wafd/api-ref/DeleteCertificate.html b/docs/wafd/api-ref/DeleteCertificate.html index ec58953c..cf63c632 100644 --- a/docs/wafd/api-ref/DeleteCertificate.html +++ b/docs/wafd/api-ref/DeleteCertificate.html @@ -1,7 +1,7 @@This API is used to delete a certificate.
+This API is used to delete a certificate. Note: The certificate in use cannot be deleted.
DELETE /v1/{project_id}/waf/certificate/{certificate_id}
@@ -99,7 +99,7 @@Long
Timestamp when the certificate expires
+Timestamp when the certificate expires (unit: ms).
timestamp
@@ -109,6 +109,13 @@Timestamp when the certificate is uploaded
cert_type
+String
+Certificate type. This parameter is redundant and can be ignored.
+String
Rule description
+Rule description.
status
@@ -207,7 +207,7 @@String
Subfield
+Subfield:
When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.
When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
String
AZ ID.
+available_zone ID.
arch
@@ -127,7 +127,7 @@String
ECS specification ID
+ECS specifications and the dedicated WAF instance specifications. You can view details about the supported specifications on the WAF console.
vpc_id
@@ -155,7 +155,7 @@String
IPv6 address of the service plane of the dedicated engine
+IPv6 address of the dedicated WAF instance on the service plane. This parameter is displayed when ipv6_enable is set to true.
security_group_ids
@@ -242,7 +242,7 @@String
ID of the ECS hosting the dedicated engine. This parameter is the same as server_id, and will be deleted.
+ID of the ECS housing the dedicated engine. This parameter can be ignored because it is the same as server_id.
create_time
@@ -263,7 +263,7 @@Integer
Type of the dedicated WAF instance. Its value is always 1, which means the type of the dedicated WAF instance is Network Interface.
+Type of the dedicated WAF instance If the type is Network Interface, the value is 1.
DELETE https://{endpoint}z/v1/{project_id}/premium-waf/instance/{instance_id}
+DELETE https://{endpoint}/v1/{project_id}/premium-waf/instance/{instance_id}
Status code: 200
Request succeeded.
diff --git a/docs/wafd/api-ref/DeletePolicy.html b/docs/wafd/api-ref/DeletePolicy.html index e3d3e1d3..21f856fd 100644 --- a/docs/wafd/api-ref/DeletePolicy.html +++ b/docs/wafd/api-ref/DeletePolicy.html @@ -115,7 +115,7 @@Protection level
1: WAF detects wget, cURL, and more but does not detect XSS and command injection attacks in the header, so you may miss more vulnerabilities that actually exist. If you find out that configured protection rules are affecting your services, adjust the protection level to 1.
-2: WAF detects remote file inclusion, third-party software vulnerabilities, web shell and ftp commands. This is the default value.
+2: Medium. WAF detects remote file inclusion, third-party software vulnerabilities, web shell, and cp and ftp commands. This is the default value.
3: If you need a stricter protection level, set this parameter to 3. This may increase the false positive rate but decrease the false negative rate, such as nc, nmap, and kill.
Integer
Time a policy is created
+Time the policy was created.
Boolean
Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enabled any of these checks, keep this parameter enabled first. The value can be:
+Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enable any of these checks, keep this parameter enabled first. The value can be:
true: enabled
false: disabled
Boolean
JavaScript anti-crawler function.
+Whether to enable the JavaScript anti-crawler function.
true: Enabled
false: Disabled
Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.
If deep_decode is set to true, the Deep Inspection is enabled.
If check_all_headers is set to true, the Header Inspection is enabled.
-If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.
+If deep_decode and check_all_headers are set to true, the Deep Inspection and Header Inspection are disabled.
String
Protection mode of the global rate limiting function.
-log: WAF logs the event only.
-block: WAF blocks requests.
+Protection mode of the global rate limiting function. WAF logs the event only.
+block: WAF blocks requests.
Enumeration values:
log
@@ -562,8 +561,7 @@String
Management mode of the intelligent precise protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -575,8 +573,7 @@String
Aging mode of the intelligent precise protection.
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+auto: Automatic
Enumeration values:
auto
@@ -619,8 +616,7 @@String
Management mode of the intelligent CC attack protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -631,9 +627,8 @@String
Aging mode of the intelligent CC attack protection..
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+Aging mode of the intelligent CC attack protection.
+auto: Automatic
Enumeration values:
auto
diff --git a/docs/wafd/api-ref/DeletePremiumHost.html b/docs/wafd/api-ref/DeletePremiumHost.html index bb525f81..21e4d4bf 100644 --- a/docs/wafd/api-ref/DeletePremiumHost.html +++ b/docs/wafd/api-ref/DeletePremiumHost.html @@ -211,7 +211,7 @@String
Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
This API is used to delete a known attack source rule.
+Deleting a Known Attack Source Rule
DELETE /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}
@@ -94,14 +94,14 @@String
Rule ID
+Rule ID.
policyid
String
Policy ID
+Policy ID.
block_time
@@ -115,7 +115,7 @@String
Type of the know attack source rule.
+Type of the known attack source rule.
Enumeration values:
long_ip_block
long_cookie_block
@@ -130,14 +130,14 @@String
Description
+Rule description.
timestamp
Long
Timestamp the rule is created.
+Timestamp the rule was created.
400
WAF.00011016
+name.duplicate
+Duplicated name.
+Change the name.
+400
+WAF.00012001
invalid.token
diff --git a/docs/wafd/api-ref/ListAntileakageRules.html b/docs/wafd/api-ref/ListAntileakageRules.html index da65eed7..1bc6a5c8 100644 --- a/docs/wafd/api-ref/ListAntileakageRules.html +++ b/docs/wafd/api-ref/ListAntileakageRules.html @@ -143,7 +143,7 @@String
Rule ID
+Rule ID.
url
@@ -159,7 +159,7 @@Sensitive information type in the information leakage prevention rule.
sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.
-code: The rule blocks response pages of specified HTTP response code.
+code: The rule blocks returned pages of specified HTTP response code.
Enumeration values:
code
@@ -171,8 +171,8 @@Array of strings
Content corresponding to the sensitive information type. Multiple options can be set.
-When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
+Content corresponding to the sensitive information type. Multiple options can be selected.
+When the value of category is code, the returned pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
When category is set to sensitive, parameters phone, id_card, and email can be set.
Long
Timestamp the rule is created.
+Timestamp the rule was created.
description
diff --git a/docs/wafd/api-ref/ListBandwidthTimeline.html b/docs/wafd/api-ref/ListBandwidthTimeline.html index 65136390..1435f4f2 100644 --- a/docs/wafd/api-ref/ListBandwidthTimeline.html +++ b/docs/wafd/api-ref/ListBandwidthTimeline.html @@ -80,10 +80,10 @@String
Data aggregation interval. If this parameter is not specified, data is displayed by a time range calculated based on parameters from and to.
+Data aggregation interval. Data display time range. For example, If the value is DAY, data is displayed by the day. If this parameter is not specified, data is displayed by a time range specified by parameters from and to.
If the time range between from and to is fewer than or equal to 1 day, the interval is one minute.
If the time range between from and to is greater than 1 day but fewer than or equal to 3 days, the interval is 5 minutes.
-If the time range between from and to is greater than 3 days but fewer than or equal 7 days, the interval is 10 minutes.
+If the time range between from and to is greater than 3 days but fewer than or equal to 7 days, the interval is 10 minutes.
If the time range between from and to is greater than 7 days but fewer than or equal to 30 days, the interval is 1 hour.
Integer
Quantity. Aggregated data is returned.
+Quantity. Aggregated data is returned. The num field indicates the statistical value between the time point and the previous time point.
This API is used to query the list of CC attack protection rules.
GET /v1/{project_id}/waf/policy/{policy_id}/cc
@@ -158,7 +158,7 @@String
When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
+When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
Prefix match: A path ending with * indicates that the path is used as a prefix. For example, to protect /admin/test.php or /adminabc, you can set Path to /admin*.
Exact match: The path you enter must exactly match the path you want to protect. If the path you want to protect is /admin, set url to /admin.
Array of CcCondition objects
Rate limit conditions of the CC protection rule. This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1).
+Rate limit conditions of the CC attack protection rule. This parameter is mandatory when the CC attack protection rule is in advanced mode (i.e. the value of mode is 1).
action
@@ -226,7 +226,7 @@String
User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
+User tag. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.
header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.
tag_condition object
User tag. This parameter is mandatory when the rate limit mode is set to other. -other: A website visitor is identified by the Referer field (user-defined request source).
+User tag. This parameter is mandatory when the rate limit mode is set to other. - other: A website visitor is identified by the Referer field (user-defined request source).
limit_num
@@ -264,14 +264,14 @@Integer
Block duration, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed.
+Block during, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed.
description
String
Rule description
+Rule description.
total_num
@@ -306,7 +306,7 @@Long
Time the rule is created.
+Timestamp the rule was created.
String
Field type. The value can be url, ip, params, cookie, or header.
+Field type. The value can be url, ip, params, cookie, or header.
Enumeration values:
url
ip
diff --git a/docs/wafd/api-ref/ListCertificates.html b/docs/wafd/api-ref/ListCertificates.html index f97ba1e7..86cae600 100644 --- a/docs/wafd/api-ref/ListCertificates.html +++ b/docs/wafd/api-ref/ListCertificates.html @@ -199,7 +199,7 @@Long
Timestamp when the certificate expire. This parameter is returned in the response body only when the value of host in the URL request is true.
+Timestamp when the certificate expires (unit: ms). This parameter is returned in the response body only when the value of host in the URL request is true.
exp_status
@@ -227,6 +227,27 @@Domain name associated with the certificate. This parameter is returned in the response body only when the value of host in the URL request is true.
enterprise_project_id
+String
+Enterprise project ID.
+share_status
+Integer
+Sharing status. This parameter is redundant and can be ignored.
+cert_type
+String
+Certificate type. This parameter is redundant and can be ignored.
+This API is used to query the list of precise protection rules.
GET /v1/{project_id}/waf/policy/{policy_id}/custom
@@ -257,7 +257,7 @@String
Subfield
+Subfield:
When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.
When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
String
Protective action
+Protective action. The value can be:
+log
+block
+captcha
+request_line
@@ -298,7 +302,7 @@Integer
The time of the WAF service processing the request.
+The time of the WAF service processing the request, in milliseconds.
region
@@ -319,14 +323,14 @@Long
Time to response
+Backend server response time.
response_size
Integer
Response body size
+Response body size, in bytes.
response_body
diff --git a/docs/wafd/api-ref/ListInstance.html b/docs/wafd/api-ref/ListInstance.html index 690a82b6..e932d9d3 100644 --- a/docs/wafd/api-ref/ListInstance.html +++ b/docs/wafd/api-ref/ListInstance.html @@ -174,7 +174,7 @@String
AZ ID.
+available_zone ID.
arch
@@ -188,7 +188,7 @@String
ECS specification ID
+ECS specifications and the dedicated WAF instance specifications. You can view details about the supported specifications on the WAF console.
vpc_id
@@ -216,7 +216,7 @@String
IPv6 address of the service plane of the dedicated engine
+IPv6 address of the dedicated WAF instance on the service plane. This parameter is displayed when ipv6_enable is set to true.
security_group_ids
@@ -310,7 +310,7 @@String
ID of the ECS hosting the dedicated engine. This parameter is the same as server_id, and will be deleted.
+ID of the ECS housing the dedicated engine. This parameter can be ignored because it is the same as server_id.
create_time
@@ -331,7 +331,7 @@Integer
Type of the dedicated WAF instance. Its value is always 1, which means the type of the dedicated WAF instance is Network Interface.
+Type of the dedicated WAF instance If the type is Network Interface, the value is 1.
ModulexOptions object
Whether to enable intelligent CC protection. This parameter is reserved and can be ignored currently.
+Whether to enabling intelligent CC protection. This parameter is reserved and can be ignored currently.
timestamp
@@ -273,7 +273,7 @@Boolean
Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enabled any of these checks, keep this parameter enabled first. The value can be:
+Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enable any of these checks, keep this parameter enabled first. The value can be:
true: enabled
false: disabled
Boolean
JavaScript anti-crawler function.
+Whether to enable the JavaScript anti-crawler function.
true: Enabled
false: Disabled
Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.
If deep_decode is set to true, the Deep Inspection is enabled.
If check_all_headers is set to true, the Header Inspection is enabled.
-If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.
+If deep_decode and check_all_headers are set to true, the Deep Inspection and Header Inspection are disabled.
String
Protection mode of the global rate limiting function.
-log: WAF logs the event only.
-block: WAF blocks requests.
+Protection mode of the global rate limiting function. WAF logs the event only.
+block: WAF blocks requests.
Enumeration values:
log
@@ -628,8 +627,7 @@String
Management mode of the intelligent precise protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -641,8 +639,7 @@String
Aging mode of the intelligent precise protection.
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+auto: Automatic
Enumeration values:
auto
@@ -685,8 +682,7 @@String
Management mode of the intelligent CC attack protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -697,9 +693,8 @@String
Aging mode of the intelligent CC attack protection..
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+Aging mode of the intelligent CC attack protection.
+auto: Automatic
Enumeration values:
auto
diff --git a/docs/wafd/api-ref/ListPremiumHost.html b/docs/wafd/api-ref/ListPremiumHost.html index 70ff307a..d83b6ac2 100644 --- a/docs/wafd/api-ref/ListPremiumHost.html +++ b/docs/wafd/api-ref/ListPremiumHost.html @@ -232,6 +232,13 @@This parameter includes some extended information about the protected domain name.
vpc_ids
+Array of strings
+ID of the VPC where the dedicated WAF instance locates.
+String
Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Rule ID
+Rule ID.
policyid
String
Policy ID
+Policy ID.
block_time
@@ -164,21 +164,21 @@String
Type of the know attack source rule.
+Type of the known attack source rule.
description
String
Description
+Rule description.
timestamp
Long
Timestamp the rule is created.
+Timestamp the rule was created.
String
How the queried data is displayed. The data can be displayed by the day or by the minute. For example, if the value is set to DAY, data is displayed by the day. By default, this parameter is not included, and data is displayed by the minute.
+Data aggregation interval. Data display time range. For example, If the value is DAY, data is displayed by the day. If this parameter is not specified, data is displayed by a time range specified by parameters from and to. - If the time range between from and to is fewer than or equal to 1 day, the interval is one minute.
+If the time range between from and to is greater than 1 day but fewer than or equal to 3 days, the interval is 5 minutes.
+If the time range between from and to is greater than 3 days but fewer than or equal to 7 days, the interval is 10 minutes.
+If the time range between from and to is greater than 7 days but fewer than or equal to 30 days, the interval is 1 hour.
+Content-Type
Yes
+No
String
Integer
Quantity. Aggregated data is returned.
+Quantity. Aggregated data is returned. The num field indicates the statistical value between the time point and the previous time point.
CC: CC attacks identified
WEB_ATTACK: Attacks blocked against basic web protection
PRECISE: Attacks blocked against precise protection rules
-TOTAL_ATTACK: Total number of attacks
+ATTACK: Total number of attacks
Integer
Quantity
+The value of the statistical data corresponding to the key in the query interval.
Array of ValueList objects
Reference table list
+Array Length: 0 - 10
Array of strings
Value of the reference table
+The contents of condition matching of the rules, such as CC Attack Protection Rule or Precise Protection Rule.
producer
diff --git a/docs/wafd/api-ref/RenameInstance.html b/docs/wafd/api-ref/RenameInstance.html index 0c08f38b..bca500de 100644 --- a/docs/wafd/api-ref/RenameInstance.html +++ b/docs/wafd/api-ref/RenameInstance.html @@ -136,7 +136,7 @@String
AZ ID.
+available_zone ID.
arch
@@ -150,7 +150,7 @@String
ECS specification ID
+ECS specifications and the dedicated WAF instance specifications. You can view details about the supported specifications on the WAF console.
vpc_id
@@ -178,7 +178,7 @@String
IPv6 address of the service plane of the dedicated engine
+IPv6 address of the dedicated WAF instance on the service plane. This parameter is displayed when ipv6_enable is set to true.
security_group_ids
@@ -265,7 +265,7 @@String
ID of the ECS hosting the dedicated engine. This parameter is the same as server_id, and will be deleted.
+ID of the ECS housing the dedicated engine. This parameter can be ignored because it is the same as server_id.
create_time
@@ -286,7 +286,7 @@Integer
Type of the dedicated WAF instance. Its value is always 1, which means the type of the dedicated WAF instance is Network Interface.
+Type of the dedicated WAF instance If the type is Network Interface, the value is 1.
String
Rule ID
+Rule ID.
url
@@ -110,7 +110,7 @@Sensitive information type in the information leakage prevention rule.
sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.
-code: The rule blocks response pages of specified HTTP response code.
+code: The rule blocks returned pages of specified HTTP response code.
Enumeration values:
code
@@ -122,8 +122,8 @@Array of strings
Content corresponding to the sensitive information type. Multiple options can be set.
-When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
+Content corresponding to the sensitive information type. Multiple options can be selected.
+When the value of category is code, the returned pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
When category is set to sensitive, parameters phone, id_card, and email can be set.
Long
Timestamp the rule is created.
+Timestamp the rule was created.
description
diff --git a/docs/wafd/api-ref/ShowCcRule.html b/docs/wafd/api-ref/ShowCcRule.html index 6c05efda..a2a04fb4 100644 --- a/docs/wafd/api-ref/ShowCcRule.html +++ b/docs/wafd/api-ref/ShowCcRule.html @@ -108,7 +108,7 @@String
When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
+When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
Prefix match: A path ending with * indicates that the path is used as a prefix. For example, to protect /admin/test.php or /adminabc, you can set Path to /admin*.
Exact match: The path you enter must exactly match the path you want to protect. If the path you want to protect is /admin, set url to /admin.
Array of CcCondition objects
Rate limit conditions of the CC protection rule. This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1).
+Rate limit conditions of the CC attack protection rule. This parameter is mandatory when the CC attack protection rule is in advanced mode (i.e. the value of mode is 1).
action
@@ -176,7 +176,7 @@String
User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
+User tag. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.
header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.
tag_condition object
User tag. This parameter is mandatory when the rate limit mode is set to other. -other: A website visitor is identified by the Referer field (user-defined request source).
+User tag. This parameter is mandatory when the rate limit mode is set to other. - other: A website visitor is identified by the Referer field (user-defined request source).
limit_num
@@ -214,14 +214,14 @@Integer
Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.
+Block during, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed.
description
String
Rule description
+Rule description.
total_num
@@ -256,7 +256,7 @@Long
Time the rule is created.
+Timestamp the rule was created.
String
Field type. The value can be url, ip, params, cookie, or header.
+Field type. The value can be url, ip, params, cookie, or header.
Enumeration values:
url
ip
@@ -358,7 +358,7 @@String
Action type:
-captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.
+captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.
block: WAF blocks the requests. When tag_type is set to other, the value can only be block.
log: WAF logs the event only.
dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.
diff --git a/docs/wafd/api-ref/ShowCertificate.html b/docs/wafd/api-ref/ShowCertificate.html index cdf4e75e..847512cd 100644 --- a/docs/wafd/api-ref/ShowCertificate.html +++ b/docs/wafd/api-ref/ShowCertificate.html @@ -113,7 +113,7 @@Long
Timestamp when the certificate expire
+Timestamp when the certificate expires (unit: ms).
timestamp
@@ -127,7 +127,14 @@Array of BindHost objects
Domain name associated with the certificate
+Domain name associated with the certificate.
+cert_type
+String
+Certificate type. This parameter is redundant and can be ignored.
String
Rule description
+Rule description.
status
@@ -219,7 +219,7 @@String
Subfield
+Subfield:
When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.
When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
String
Protective action
+Protective action. The value can be:
+log
+block
+captcha
+request_line
@@ -232,7 +236,7 @@Integer
The time of the WAF service processing the request.
+The time of the WAF service processing the request, in milliseconds.
region
@@ -253,14 +257,14 @@Long
Time to response
+Backend server response time.
response_size
Integer
Response body size
+Response body size, in bytes.
response_body
diff --git a/docs/wafd/api-ref/ShowInstance.html b/docs/wafd/api-ref/ShowInstance.html index d792c86d..e49900df 100644 --- a/docs/wafd/api-ref/ShowInstance.html +++ b/docs/wafd/api-ref/ShowInstance.html @@ -113,7 +113,7 @@String
AZ ID.
+available_zone ID.
arch
@@ -127,7 +127,7 @@String
ECS specification ID
+ECS specifications and the dedicated WAF instance specifications. You can view details about the supported specifications on the WAF console.
vpc_id
@@ -155,7 +155,7 @@String
IPv6 address of the service plane of the dedicated engine
+IPv6 address of the dedicated WAF instance on the service plane. This parameter is displayed when ipv6_enable is set to true.
security_group_ids
@@ -242,7 +242,7 @@String
ID of the ECS hosting the dedicated engine. This parameter is the same as server_id, and will be deleted.
+ID of the ECS housing the dedicated engine. This parameter can be ignored because it is the same as server_id.
create_time
@@ -263,7 +263,7 @@Integer
Type of the dedicated WAF instance. Its value is always 1, which means the type of the dedicated WAF instance is Network Interface.
+Type of the dedicated WAF instance If the type is Network Interface, the value is 1.
ModulexOptions object
Whether to enable intelligent CC protection. This parameter is reserved and can be ignored currently.
+Whether to enabling intelligent CC protection. This parameter is reserved and can be ignored currently.
timestamp
@@ -221,7 +221,7 @@Boolean
Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enabled any of these checks, keep this parameter enabled first. The value can be:
+Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enable any of these checks, keep this parameter enabled first. The value can be:
true: enabled
false: disabled
Boolean
JavaScript anti-crawler function.
+Whether to enable the JavaScript anti-crawler function.
true: Enabled
false: Disabled
Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.
If deep_decode is set to true, the Deep Inspection is enabled.
If check_all_headers is set to true, the Header Inspection is enabled.
-If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.
+If deep_decode and check_all_headers are set to true, the Deep Inspection and Header Inspection are disabled.
String
Protection mode of the global rate limiting function.
-log: WAF logs the event only.
-block: WAF blocks requests.
+Protection mode of the global rate limiting function. WAF logs the event only.
+block: WAF blocks requests.
Enumeration values:
log
@@ -602,8 +601,7 @@String
Management mode of the intelligent precise protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -615,8 +613,7 @@String
Aging mode of the intelligent precise protection.
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+auto: Automatic
Enumeration values:
auto
@@ -659,8 +656,7 @@String
Management mode of the intelligent CC attack protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -671,9 +667,8 @@String
Aging mode of the intelligent CC attack protection..
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+Aging mode of the intelligent CC attack protection.
+auto: Automatic
Enumeration values:
auto
diff --git a/docs/wafd/api-ref/ShowPremiumHost.html b/docs/wafd/api-ref/ShowPremiumHost.html index 2de89c2f..14f5667b 100644 --- a/docs/wafd/api-ref/ShowPremiumHost.html +++ b/docs/wafd/api-ref/ShowPremiumHost.html @@ -188,7 +188,7 @@Integer
Lock status. This parameter is redundant and can be ignored. Default value: 0
+Lock status. This parameter is redundant and can be ignored. Default value: - 0:
Default: 0
String
Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Template type. The value can be:
-default: The default block page is returned when a request is blocked.
-custom: Your custom block page is returned when a request is blocked.
-redirect: The request is redirected to the URL you specify.
+Template type, the value can be:
+default: The default block page.
+custom: Your custom block page is returned when a request is blocked. The request is redirected to the URL you specify.
CustomPage object
Custom alarm page
+Custom alarm page.
redirect_url
String
Redirection URL
+Redirect URL. The root domain name of the redirection address must be the name of the currently protected domain (including a wildcard domain name).${http_host} can be used to indicate the currently protected domain name and port, for example, ${http_host}/error.html.
String
Content type of alarm page
+Content type of alarm page.
content
String
Page content
+Page content.
String
Rule ID
+Rule ID.
policyid
String
Policy ID
+Policy ID.
block_time
@@ -115,7 +115,7 @@String
Type of the know attack source rule.
+Type of the known attack source rule.
Enumeration values:
long_ip_block
long_cookie_block
@@ -130,14 +130,14 @@String
Description
+Rule description.
timestamp
Long
Timestamp the rule is created.
+Timestamp the rule was created.
This API is used to query a reference table.
+This API is used to query a reference table by ID.
GET /v1/{project_id}/waf/valuelist/{valuelist_id}
@@ -124,14 +124,14 @@Array of strings
Value of the reference table
+The contents of condition matching of the rules, such as CC Attack Protection Rule or Precise Protection Rule.
description
String
Reference table description
+Reference table description.
producer
diff --git a/docs/wafd/api-ref/ShowWhiteblackipRule.html b/docs/wafd/api-ref/ShowWhiteblackipRule.html index 0da4b985..4f43bf8e 100644 --- a/docs/wafd/api-ref/ShowWhiteblackipRule.html +++ b/docs/wafd/api-ref/ShowWhiteblackipRule.html @@ -1,6 +1,6 @@ -This API is used to query a blacklist or whitelist rule by ID.
GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}
diff --git a/docs/wafd/api-ref/UpdateAntiTamperRuleRefresh.html b/docs/wafd/api-ref/UpdateAntiTamperRuleRefresh.html index f66b8e64..eaefb9ba 100644 --- a/docs/wafd/api-ref/UpdateAntiTamperRuleRefresh.html +++ b/docs/wafd/api-ref/UpdateAntiTamperRuleRefresh.html @@ -1,7 +1,7 @@This API is used to updating the cache for a web tamper protection Rule.
+This API is used to update the cache for a web tamper protection rule
POST /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}/refresh
diff --git a/docs/wafd/api-ref/UpdateAntileakageRule.html b/docs/wafd/api-ref/UpdateAntileakageRule.html index 3a7409d7..e23c804e 100644 --- a/docs/wafd/api-ref/UpdateAntileakageRule.html +++ b/docs/wafd/api-ref/UpdateAntileakageRule.html @@ -107,7 +107,7 @@Sensitive information type in the information leakage prevention rule.
sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.
-code: The rule blocks response pages of specified HTTP response code.
+code: The rule blocks returned pages of specified HTTP response code.
Enumeration values:
code
@@ -121,8 +121,8 @@Array of strings
Content corresponding to the sensitive information type. Multiple options can be set.
-When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
+Content corresponding to the sensitive information type. Multiple options can be selected.
+When the value of category is code, the returned pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
When category is set to sensitive, parameters phone, id_card, and email can be set.
String
Description.
+Rule description.
String
Rule ID
+Rule ID.
url
@@ -170,7 +170,7 @@Sensitive information type in the information leakage prevention rule.
code: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.
-sensitive: The rule blocks response pages of specified HTTP response code.
+sensitive: The rule blocks returned pages of specified HTTP response code.
Enumeration values:
code
@@ -182,7 +182,7 @@Array of strings
Value
+Rule content.
description
diff --git a/docs/wafd/api-ref/UpdateCcRule.html b/docs/wafd/api-ref/UpdateCcRule.html index 8eb6edc4..9ba05b20 100644 --- a/docs/wafd/api-ref/UpdateCcRule.html +++ b/docs/wafd/api-ref/UpdateCcRule.html @@ -159,7 +159,7 @@String
User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
+User tag. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.
header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.
Integer
Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.
+Block during, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed.
description
@@ -216,7 +216,7 @@String
Rule description
+Rule description.
String
Field type. The value can be url, ip, params, cookie, or header.
+Field type. The value can be url, ip, params, cookie, or header.
Enumeration values:
url
ip
@@ -379,7 +379,7 @@response object
Returned page.
+Returned page
String
When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
+When the value of mode is 0, this parameter has a return value. URL to which the rule applies, excluding a domain name.
Prefix match: A path ending with * indicates that the path is used as a prefix. For example, to protect /admin/test.php or /adminabc, you can set Path to /admin*.
Exact match: The path you enter must exactly match the path you want to protect. If the path you want to protect is /admin, set url to /admin.
String
User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
+User tag. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.
header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.
Integer
Block duration, in seconds. The value ranges from 0 to 65,535. The period within which access is blocked. An error page is displayed in this period.
+Block during, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed.
description
String
Rule description
+Rule description.
total_num
@@ -633,7 +633,7 @@String
Field type. The value can be url, ip, params, cookie, or header.
+Field type. The value can be url, ip, params, cookie, or header.
Enumeration values:
url
ip
@@ -716,7 +716,7 @@String
Action type:
-captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.
+captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.
block: WAF blocks the requests. When tag_type is set to other, the value can only be block.
log: WAF logs the event only.
dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.
diff --git a/docs/wafd/api-ref/UpdateCertificate.html b/docs/wafd/api-ref/UpdateCertificate.html new file mode 100644 index 00000000..d48e1208 --- /dev/null +++ b/docs/wafd/api-ref/UpdateCertificate.html @@ -0,0 +1,322 @@ + + +This API is used to modify a certificate. Note: The certificate in use cannot be updated.
+PUT /v1/{project_id}/waf/certificate/{certificate_id}
+ +Parameter + |
+Mandatory + |
+Type + |
+Description + |
+
|---|---|---|---|
project_id + |
+Yes + |
+String + |
+Project ID. + |
+
certificate_id + |
+Yes + |
+String + |
+HTTPS certificate ID. It can be obtained by calling the ListCertificates API. + |
+
Parameter + |
+Mandatory + |
+Type + |
+Description + |
+
|---|---|---|---|
enterprise_project_id + |
+No + |
+String + |
+You can obtain the ID by calling the ListEnterpriseProject API of EPS. + |
+
Parameter + |
+Mandatory + |
+Type + |
+Description + |
+
|---|---|---|---|
X-Auth-Token + |
+Yes + |
+String + |
+User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header). + |
+
Content-Type + |
+Yes + |
+String + |
+Content type. +Default: application/json;charset=utf8 + |
+
Parameter + |
+Mandatory + |
+Type + |
+Description + |
+
|---|---|---|---|
name + |
+Yes + |
+String + |
+Certificate name. The value can contain a maximum of 64 characters. Only digits, letters, hyphens (-), underscores (_), and periods (.) are allowed. + |
+
content + |
+No + |
+String + |
+Certificate file. Only certificates and private key files in PEM format are supported, and the newline characters in the file must be replaced with \n. + |
+
key + |
+No + |
+String + |
+Certificate private key. Only certificates and private key files in PEM format are supported, and the newline characters in the files must be replaced with \n. + |
+
Status code: 200
+ +Parameter + |
+Type + |
+Description + |
+
|---|---|---|
id + |
+String + |
+Certificate ID + |
+
name + |
+String + |
+Certificate name + |
+
expire_time + |
+Long + |
+Timestamp when the certificate expires (unit: ms). + |
+
timestamp + |
+Long + |
+Timestamp when the certificate is uploaded + |
+
cert_type + |
+String + |
+Certificate type. This parameter is redundant and can be ignored. + |
+
Status code: 400
+ +Parameter + |
+Type + |
+Description + |
+
|---|---|---|
error_code + |
+String + |
+Error code + |
+
error_msg + |
+String + |
+Error message + |
+
Status code: 401
+ +Parameter + |
+Type + |
+Description + |
+
|---|---|---|
error_code + |
+String + |
+Error code + |
+
error_msg + |
+String + |
+Error message + |
+
Status code: 500
+ +Parameter + |
+Type + |
+Description + |
+
|---|---|---|
error_code + |
+String + |
+Error code + |
+
error_msg + |
+String + |
+Error message + |
+
PUT https://{Endpoint}/v1/{project_id}/waf/certificate/{certificate_id}?
+
+{
+ "name" : "demo"
+}
+Status code: 200
+OK
+{
+ "id" : "360f992501a64de0a65c50a64d1ca7b3",
+ "name" : "demo",
+ "timestamp" : 1650593797892,
+ "expire_time" : 1596865564000
+}
+Status Code + |
+Description + |
+
|---|---|
200 + |
+OK + |
+
400 + |
+Request failed. + |
+
401 + |
+The token does not have required permissions. + |
+
500 + |
+Internal server error. + |
+
See Error Codes.
+String
Rule description
+Rule description.
conditions
@@ -197,7 +197,7 @@String
Subfield
+Subfield:
When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.
When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
String
Rule description
+Rule description.
status
@@ -432,7 +432,7 @@String
Subfield
+Subfield:
When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.
When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
String
Field type. The value can be url, ip, params, cookie, or header.
+Field type. The value can be url, ip, params, cookie, or header.
Enumeration values:
url
ip
diff --git a/docs/wafd/api-ref/UpdatePolicy.html b/docs/wafd/api-ref/UpdatePolicy.html index cc0a913a..ba7709a4 100644 --- a/docs/wafd/api-ref/UpdatePolicy.html +++ b/docs/wafd/api-ref/UpdatePolicy.html @@ -125,7 +125,7 @@Protection level
1: WAF detects wget, cURL, and more but does not detect XSS and command injection attacks in the header, so you may miss more vulnerabilities that actually exist. If you find out that configured protection rules are affecting your services, adjust the protection level to 1.
-2: WAF detects remote file inclusion, third-party software vulnerabilities, web shell, and cp and ftp commands. This is the default value.
+2: Medium. WAF detects remote file inclusion, third-party software vulnerabilities, web shell, and cp and ftp commands. This is the default value.
3: If you need a stricter protection level, set this parameter to 3. This may increase the false positive rate but decrease the false negative rate, such as nc, nmap, and kill.
Boolean
Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enabled any of these checks, keep this parameter enabled first. The value can be:
+Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enable any of these checks, keep this parameter enabled first. The value can be:
true: enabled
false: disabled
Boolean
JavaScript anti-crawler function.
+Whether to enable the JavaScript anti-crawler function.
true: Enabled
false: Disabled
Protection level
1: WAF detects wget, cURL, and more but does not detect XSS and command injection attacks in the header, so you may miss more vulnerabilities that actually exist. If you find out that configured protection rules are affecting your services, adjust the protection level to 1.
-2: WAF detects remote file inclusion, third-party software vulnerabilities, web shell and ftp commands. This is the default value.
+2: Medium. WAF detects remote file inclusion, third-party software vulnerabilities, web shell, and cp and ftp commands. This is the default value.
3: If you need a stricter protection level, set this parameter to 3. This may increase the false positive rate but decrease the false negative rate, such as nc, nmap, and kill.
ModulexOptions object
Whether to enable intelligent CC protection. This parameter is reserved and can be ignored currently.
+Whether to enabling intelligent CC protection. This parameter is reserved and can be ignored currently.
timestamp
@@ -617,7 +617,7 @@Boolean
Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enabled any of these checks, keep this parameter enabled first. The value can be:
+Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enable any of these checks, keep this parameter enabled first. The value can be:
true: enabled
false: disabled
Boolean
JavaScript anti-crawler function.
+Whether to enable the JavaScript anti-crawler function.
true: Enabled
false: Disabled
Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.
If deep_decode is set to true, the Deep Inspection is enabled.
If check_all_headers is set to true, the Header Inspection is enabled.
-If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.
+If deep_decode and check_all_headers are set to true, the Deep Inspection and Header Inspection are disabled.
String
Protection mode of the global rate limiting function.
-log: WAF logs the event only.
-block: WAF blocks requests.
+Protection mode of the global rate limiting function. WAF logs the event only.
+block: WAF blocks requests.
Enumeration values:
log
@@ -998,8 +997,7 @@String
Management mode of the intelligent precise protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -1011,8 +1009,7 @@String
Aging mode of the intelligent precise protection.
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+auto: Automatic
Enumeration values:
auto
@@ -1055,8 +1052,7 @@String
Management mode of the intelligent CC attack protection.
-auto: WAF manages automatically generated rules.
-manual: You can manage rules that are automatically generated by WAF.
+auto: Automatic
Enumeration values:
auto
@@ -1067,9 +1063,8 @@String
Aging mode of the intelligent CC attack protection..
-manual: You can customize the maximum age of the rule.
-auto: Automatic
+Aging mode of the intelligent CC attack protection.
+auto: Automatic
Enumeration values:
auto
diff --git a/docs/wafd/api-ref/UpdatePolicyRuleStatus.html b/docs/wafd/api-ref/UpdatePolicyRuleStatus.html index 23b400df..b6aeae97 100644 --- a/docs/wafd/api-ref/UpdatePolicyRuleStatus.html +++ b/docs/wafd/api-ref/UpdatePolicyRuleStatus.html @@ -1,7 +1,7 @@ -This API is used to change the status of a policy rule.
+This API is used to modify the status of a rule.
PUT /v1/{project_id}/waf/policy/{policy_id}/{ruletype}/{rule_id}/status
diff --git a/docs/wafd/api-ref/UpdatePremiumHost.html b/docs/wafd/api-ref/UpdatePremiumHost.html index b8da4a5a..29a0dc92 100644 --- a/docs/wafd/api-ref/UpdatePremiumHost.html +++ b/docs/wafd/api-ref/UpdatePremiumHost.html @@ -30,7 +30,7 @@String
This API is used to modify a domain name protected by a dedicated WAF instance.
+ID of the domain name protected by the dedicated WAF engine
String
Template type. The value can be:
-default: The default block page is returned when a request is blocked.
-custom: Your custom block page is returned when a request is blocked.
-redirect: The request is redirected to the URL you specify.
+Template type, the value can be:
+default: The default block page.
+custom: Your custom block page is returned when a request is blocked. The request is redirected to the URL you specify.
CustomPage object
Custom alarm page
+Custom alarm page.
redirect_url
@@ -353,7 +352,7 @@String
Redirection URL
+Redirect URL. The root domain name of the redirection address must be the name of the currently protected domain (including a wildcard domain name).${http_host} can be used to indicate the currently protected domain name and port, for example, ${http_host}/error.html.
String
Content type of alarm page
+Content type of alarm page.
content
@@ -394,7 +393,7 @@String
Page content
+Page content.
String
Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
Integer
Lock status. This parameter is redundant and can be ignored. Default value: 0
+Lock status. This parameter is redundant and can be ignored. Default value: - 0:
Default: 0
String
Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.
+Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected. You can ignore it.
true: Enable this check.
false: Disable this check.
String
Template type. The value can be:
-default: The default block page is returned when a request is blocked.
-custom: Your custom block page is returned when a request is blocked.
-redirect: The request is redirected to the URL you specify.
+Template type, the value can be:
+default: The default block page.
+custom: Your custom block page is returned when a request is blocked. The request is redirected to the URL you specify.
CustomPage object
Custom alarm page
+Custom alarm page.
redirect_url
String
Redirection URL
+Redirect URL. The root domain name of the redirection address must be the name of the currently protected domain (including a wildcard domain name).${http_host} can be used to indicate the currently protected domain name and port, for example, ${http_host}/error.html.
String
Content type of alarm page
+Content type of alarm page.
content
String
Page content
+Page content.
String
Description
+Rule description.
String
Rule ID
+Rule ID.
policyid
String
Policy ID
+Policy ID.
block_time
@@ -147,7 +147,7 @@String
Type of the know attack source rule.
+Type of the known attack source rule.
Enumeration values:
long_ip_block
long_cookie_block
@@ -162,7 +162,7 @@String
Description
+Rule description.
String
Reference table description
+Reference table description.
Array of strings
Value of the reference table
+The contents of condition matching of the rules, such as CC Attack Protection Rule or Precise Protection Rule.
description
String
Reference table description
+Reference table description.
producer
diff --git a/docs/wafd/api-ref/UpgradeInstance.html b/docs/wafd/api-ref/UpgradeInstance.html index c61ca17c..db8276d0 100644 --- a/docs/wafd/api-ref/UpgradeInstance.html +++ b/docs/wafd/api-ref/UpgradeInstance.html @@ -87,7 +87,7 @@String
peration name.
+Operation name.
upgrade: Upgrade the software version of the dedicated WAF engine.
String
AZ ID.
+available_zone ID.
arch
@@ -152,7 +152,7 @@String
ECS specification ID
+ECS specifications and the dedicated WAF instance specifications. You can view details about the supported specifications on the WAF console.
vpc_id
@@ -180,7 +180,7 @@String
IPv6 address of the service plane of the dedicated engine
+IPv6 address of the dedicated WAF instance on the service plane. This parameter is displayed when ipv6_enable is set to true.
security_group_ids
@@ -267,7 +267,7 @@String
ID of the ECS hosting the dedicated engine. This parameter is the same as server_id, and will be deleted.
+ID of the ECS housing the dedicated engine. This parameter can be ignored because it is the same as server_id.
create_time
@@ -288,7 +288,7 @@Integer
Type of the dedicated WAF instance. If the type is Network Interface, this field is returned and its value is 1.
+Type of the dedicated WAF instance If the type is Network Interface, the value is 1.
2023-04-23
+2024-02-28
+2023-08-07
+Optimized descriptions of some parameters.
+2023-04-23
Revised the document based on review comments.