From f083e18983e5db15ef5c9cb257bb8063c3d06322 Mon Sep 17 00:00:00 2001 From: "Hasko, Vladimir" Date: Fri, 2 Jun 2023 12:41:58 +0000 Subject: [PATCH] re-introducing changes before wafd version 20230423 Reviewed-by: Belejkanic, Lukas Co-authored-by: Hasko, Vladimir Co-committed-by: Hasko, Vladimir --- docs/wafd/api-ref/.placeholder | 0 docs/wafd/api-ref/ALL_META.TXT.json | 578 ++++++--- docs/wafd/api-ref/CLASS.TXT.json | 1028 +++++++++------- docs/wafd/api-ref/CreateAnticrawlerRule.html | 386 ++++++ docs/wafd/api-ref/CreateAntileakageRules.html | 355 ++++++ docs/wafd/api-ref/CreateAntitamperRule.html | 6 +- docs/wafd/api-ref/CreateCcRule.html | 707 ++++++++--- docs/wafd/api-ref/CreateCertificate.html | 6 +- docs/wafd/api-ref/CreateCustomRules.html | 245 +++- docs/wafd/api-ref/CreateGeoipRule.html | 33 +- docs/wafd/api-ref/CreateIgnoreRule.html | 389 +++--- docs/wafd/api-ref/CreateInstance.html | 46 +- docs/wafd/api-ref/CreatePolicy.html | 358 +++++- docs/wafd/api-ref/CreatePremiumHost.html | 186 ++- docs/wafd/api-ref/CreatePrivacyRules.html | 6 +- docs/wafd/api-ref/CreatePunishmentRules.html | 318 +++++ docs/wafd/api-ref/CreateValueList.html | 25 +- docs/wafd/api-ref/CreateWhiteblackipRule.html | 49 +- docs/wafd/api-ref/DeleteAnticrawlerRule.html | 326 ++++++ docs/wafd/api-ref/DeleteAntileakageRule.html | 298 +++++ docs/wafd/api-ref/DeleteAntitamperRule.html | 8 +- docs/wafd/api-ref/DeleteCcRule.html | 365 ++++-- docs/wafd/api-ref/DeleteCertificate.html | 2 +- docs/wafd/api-ref/DeleteCustomRule.html | 124 +- docs/wafd/api-ref/DeleteGeoipRule.html | 22 +- docs/wafd/api-ref/DeleteIgnoreRule.html | 224 ++-- docs/wafd/api-ref/DeleteInstance.html | 111 +- docs/wafd/api-ref/DeletePolicy.html | 338 +++++- docs/wafd/api-ref/DeletePremiumHost.html | 144 ++- docs/wafd/api-ref/DeletePrivacyRule.html | 106 +- docs/wafd/api-ref/DeletePunishmentRule.html | 280 +++++ docs/wafd/api-ref/DeleteValueList.html | 8 +- docs/wafd/api-ref/DeleteWhiteBlackIpRule.html | 24 +- docs/wafd/api-ref/ErrorCode.html | 2 +- docs/wafd/api-ref/ListAnticrawlerRules.html | 376 ++++++ ...kipRule.html => ListAntileakageRules.html} | 112 +- docs/wafd/api-ref/ListAntitamperRules.html | 12 +- docs/wafd/api-ref/ListBandwidthTimeline.html | 11 +- docs/wafd/api-ref/ListCcRules.html | 378 ++++-- docs/wafd/api-ref/ListCertificates.html | 24 +- docs/wafd/api-ref/ListCustomRules.html | 102 +- docs/wafd/api-ref/ListEvent.html | 23 +- ...ListGeoipRule.html => ListGeoipRules.html} | 40 +- docs/wafd/api-ref/ListIgnoreRules.html | 215 ++-- docs/wafd/api-ref/ListInstance.html | 39 +- docs/wafd/api-ref/ListPolicy.html | 340 +++++- docs/wafd/api-ref/ListPremiumHost.html | 120 +- docs/wafd/api-ref/ListPrivacyRules.html | 6 +- docs/wafd/api-ref/ListPunishmentRules.html | 324 +++++ docs/wafd/api-ref/ListQpsTimeline.html | 2 +- docs/wafd/api-ref/ListStatistics.html | 2 +- docs/wafd/api-ref/ListValueList.html | 18 +- docs/wafd/api-ref/ListWhiteblackipRules.html | 371 ++++++ docs/wafd/api-ref/RenameInstance.html | 109 +- docs/wafd/api-ref/ShowAnticrawlerRule.html | 326 ++++++ docs/wafd/api-ref/ShowAntileakageRule.html | 298 +++++ docs/wafd/api-ref/ShowAntitamperRule.html | 8 +- docs/wafd/api-ref/ShowCcRule.html | 364 ++++-- docs/wafd/api-ref/ShowCertificate.html | 2 +- docs/wafd/api-ref/ShowCustomRule.html | 106 +- docs/wafd/api-ref/ShowEvent.html | 21 +- docs/wafd/api-ref/ShowGeoipRule.html | 324 +++++ docs/wafd/api-ref/ShowIgnoreRule.html | 215 ++-- docs/wafd/api-ref/ShowInstance.html | 102 +- docs/wafd/api-ref/ShowPolicy.html | 361 +++++- docs/wafd/api-ref/ShowPremiumHost.html | 394 +++++-- docs/wafd/api-ref/ShowPrivacyRule.html | 6 +- docs/wafd/api-ref/ShowPunishmentRule.html | 280 +++++ docs/wafd/api-ref/ShowValueList.html | 285 +++++ docs/wafd/api-ref/ShowWhiteblackipRule.html | 36 +- .../api-ref/UpdateAntiTamperRuleRefresh.html | 283 +++++ docs/wafd/api-ref/UpdateAnticrawlerRule.html | 382 ++++++ docs/wafd/api-ref/UpdateAntileakageRule.html | 354 ++++++ docs/wafd/api-ref/UpdateCcRule.html | 708 +++++++---- docs/wafd/api-ref/UpdateCustomRule.html | 226 +++- docs/wafd/api-ref/UpdateGeoipRule.html | 32 +- docs/wafd/api-ref/UpdateIgnoreRule.html | 545 +++++++++ docs/wafd/api-ref/UpdatePolicy.html | 471 ++++++-- docs/wafd/api-ref/UpdatePolicyRuleStatus.html | 78 +- docs/wafd/api-ref/UpdatePremiumHost.html | 666 +++++++++-- .../UpdatePremiumHostProtectStatus.html | 279 +++++ docs/wafd/api-ref/UpdatePrivacyRule.html | 6 +- docs/wafd/api-ref/UpdatePunishmentRule.html | 311 +++++ docs/wafd/api-ref/UpdateValueList.html | 38 +- docs/wafd/api-ref/UpdateWhiteblackipRule.html | 48 +- docs/wafd/api-ref/UpgradeInstance.html | 109 +- .../public_sys-resources/icon-arrowdn.gif | Bin 68 -> 1887 bytes .../public_sys-resources/icon-arrowrt.gif | Bin 70 -> 1890 bytes docs/wafd/api-ref/topic_300000001.html | 2 + docs/wafd/api-ref/topic_300000003.html | 56 +- docs/wafd/api-ref/waf_02_0084.html | 2 + docs/wafd/api-ref/waf_02_0087.html | 19 +- docs/wafd/api-ref/waf_02_0119.html | 13 + docs/wafd/api-ref/waf_02_0129.html | 16 + docs/wafd/api-ref/waf_02_0139.html | 910 ++++++++++++++ docs/wafd/api-ref/waf_02_0186.html | 1042 +++++++++++++++++ 96 files changed, 16483 insertions(+), 2968 deletions(-) delete mode 100644 docs/wafd/api-ref/.placeholder create mode 100644 docs/wafd/api-ref/CreateAnticrawlerRule.html create mode 100644 docs/wafd/api-ref/CreateAntileakageRules.html create mode 100644 docs/wafd/api-ref/CreatePunishmentRules.html create mode 100644 docs/wafd/api-ref/DeleteAnticrawlerRule.html create mode 100644 docs/wafd/api-ref/DeleteAntileakageRule.html create mode 100644 docs/wafd/api-ref/DeletePunishmentRule.html create mode 100644 docs/wafd/api-ref/ListAnticrawlerRules.html rename docs/wafd/api-ref/{ListWhiteblackipRule.html => ListAntileakageRules.html} (80%) rename docs/wafd/api-ref/{ListGeoipRule.html => ListGeoipRules.html} (81%) create mode 100644 docs/wafd/api-ref/ListPunishmentRules.html create mode 100644 docs/wafd/api-ref/ListWhiteblackipRules.html create mode 100644 docs/wafd/api-ref/ShowAnticrawlerRule.html create mode 100644 docs/wafd/api-ref/ShowAntileakageRule.html create mode 100644 docs/wafd/api-ref/ShowGeoipRule.html create mode 100644 docs/wafd/api-ref/ShowPunishmentRule.html create mode 100644 docs/wafd/api-ref/ShowValueList.html create mode 100644 docs/wafd/api-ref/UpdateAntiTamperRuleRefresh.html create mode 100644 docs/wafd/api-ref/UpdateAnticrawlerRule.html create mode 100644 docs/wafd/api-ref/UpdateAntileakageRule.html create mode 100644 docs/wafd/api-ref/UpdateIgnoreRule.html create mode 100644 docs/wafd/api-ref/UpdatePremiumHostProtectStatus.html create mode 100644 docs/wafd/api-ref/UpdatePunishmentRule.html create mode 100644 docs/wafd/api-ref/waf_02_0119.html create mode 100644 docs/wafd/api-ref/waf_02_0129.html create mode 100644 docs/wafd/api-ref/waf_02_0139.html create mode 100644 docs/wafd/api-ref/waf_02_0186.html diff --git a/docs/wafd/api-ref/.placeholder b/docs/wafd/api-ref/.placeholder deleted file mode 100644 index e69de29b..00000000 diff --git a/docs/wafd/api-ref/ALL_META.TXT.json b/docs/wafd/api-ref/ALL_META.TXT.json index 5c2c2f53..9f224b76 100644 --- a/docs/wafd/api-ref/ALL_META.TXT.json +++ b/docs/wafd/api-ref/ALL_META.TXT.json @@ -1,7 +1,7 @@ [ { "uri":"waf_02_0001.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"1", "des":"Public cloud APIs comply with the RESTful API design principles. REST-based Web services are organized into resources. Each resource is identified by one or more Uniform ", "doc_type":"api", @@ -11,7 +11,7 @@ }, { "uri":"waf_02_0007.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"2", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", @@ -21,7 +21,7 @@ }, { "uri":"topic_300000000.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"3", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", @@ -31,7 +31,7 @@ }, { "uri":"CreateInstance.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"4", "des":"This API is used to create a dedicated WAF enginePOST /v1/{project_id}/premium-waf/instanceStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 20", "doc_type":"api", @@ -41,7 +41,7 @@ }, { "uri":"ListInstance.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"5", "des":"This API is used to query the list of dedicated WAF engines.GET /v1/{project_id}/premium-waf/instanceStatus code: 200Status code: 400Status code: 401Status code: 500Statu", "doc_type":"api", @@ -51,7 +51,7 @@ }, { "uri":"ShowInstance.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"6", "des":"This API is used to query details about a dedicated WAF engine.GET /v1/{project_id}/premium-waf/instance/{instance_id}Status code: 200Status code: 400Status code: 401Stat", "doc_type":"api", @@ -61,7 +61,7 @@ }, { "uri":"RenameInstance.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"7", "des":"This API is used to rename a dedicated WAF enginePUT /v1/{project_id}/premium-waf/instance/{instance_id}Status code: 200Status code: 400Status code: 401Status code: 500St", "doc_type":"api", @@ -71,7 +71,7 @@ }, { "uri":"DeleteInstance.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"8", "des":"This API is used to delete a dedicated WAF engine.DELETE /v1/{project_id}/premium-waf/instance/{instance_id}Status code: 200Status code: 400Status code: 401Status code: 5", "doc_type":"api", @@ -81,7 +81,7 @@ }, { "uri":"UpgradeInstance.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"9", "des":"This API is used to operate a dedicated WAF instance.POST /v1/{project_id}/premium-waf/instance/{instance_id}/actionStatus code: 200Status code: 400Status code: 401Status", "doc_type":"api", @@ -91,7 +91,7 @@ }, { "uri":"topic_300000001.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"10", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", @@ -101,9 +101,9 @@ }, { "uri":"CreatePremiumHost.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"11", - "des":"Adding a Protected Domain NamePOST /v1/{project_id}/premium-waf/hostStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request succeeded.See ", + "des":"This API is used to add a domain name to WAF.POST /v1/{project_id}/premium-waf/hostStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request", "doc_type":"api", "kw":"Adding a Protected Domain Name,Managing Websites Protected in Dedicated Mode,API Reference", "title":"Adding a Protected Domain Name", @@ -111,9 +111,9 @@ }, { "uri":"ListPremiumHost.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"12", - "des":"Querying Domain Names Protected by Dedicated WAF EnginesGET /v1/{project_id}/premium-waf/hostStatus code: 200Status code: 400Status code: 401Status code: 500Status code: ", + "des":"This API is used to query domain names protected by dedicated WAF engines.GET /v1/{project_id}/premium-waf/hostStatus code: 200Status code: 400Status code: 401Status code", "doc_type":"api", "kw":"Querying Domain Names Protected by Dedicated WAF Engines,Managing Websites Protected in Dedicated Mo", "title":"Querying Domain Names Protected by Dedicated WAF Engines", @@ -121,7 +121,7 @@ }, { "uri":"ShowPremiumHost.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"13", "des":"This API is used to query domain name settings in dedicated mode.GET /v1/{project_id}/premium-waf/host/{host_id}Status code: 200Status code: 400Status code: 401Status cod", "doc_type":"api", @@ -131,7 +131,7 @@ }, { "uri":"UpdatePremiumHost.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"14", "des":"This API is used to modify a domain name protected by a dedicated WAF instance.PUT /v1/{project_id}/premium-waf/host/{host_id}Status code: 200Status code: 400Status code:", "doc_type":"api", @@ -141,7 +141,7 @@ }, { "uri":"DeletePremiumHost.html", - "product_code":"dwaf", + "product_code":"wafd", "code":"15", "des":"This API is used to delete a domain name from a dedicated WAF instance.DELETE /v1/{project_id}/premium-waf/host/{host_id}Status code: 200Status code: 400Status code: 401S", "doc_type":"api", @@ -150,9 +150,19 @@ "githuburl":"" }, { - "uri":"topic_300000002.html", - "product_code":"dwaf", + "uri":"UpdatePremiumHostProtectStatus.html", + "product_code":"wafd", "code":"16", + "des":"This API is used to modify the protection status of a domain name connected to a dedicated WAF instance.PUT /v1/{project_id}/premium-waf/host/{host_id}/protect_statusStat", + "doc_type":"api", + "kw":"Modifying the Protection Status of a Domain Name in Dedicated Mode,Managing Websites Protected in De", + "title":"Modifying the Protection Status of a Domain Name in Dedicated Mode", + "githuburl":"" + }, + { + "uri":"topic_300000002.html", + "product_code":"wafd", + "code":"17", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", "kw":"Policy Management", @@ -161,8 +171,8 @@ }, { "uri":"ListPolicy.html", - "product_code":"dwaf", - "code":"17", + "product_code":"wafd", + "code":"18", "des":"This API is used to query the list of protection policies.GET /v1/{project_id}/waf/policyStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200R", "doc_type":"api", "kw":"Querying Protection Policies,Policy Management,API Reference", @@ -171,8 +181,8 @@ }, { "uri":"CreatePolicy.html", - "product_code":"dwaf", - "code":"18", + "product_code":"wafd", + "code":"19", "des":"This API is used to create a policyPOST /v1/{project_id}/waf/policyStatus code: 200Status code: 400Status code: 401Status code: 403Status code: 500Status code: 200okSee E", "doc_type":"api", "kw":"Creating a Policy,Policy Management,API Reference", @@ -181,8 +191,8 @@ }, { "uri":"ShowPolicy.html", - "product_code":"dwaf", - "code":"19", + "product_code":"wafd", + "code":"20", "des":"This API is used to query a policy by ID.GET /v1/{project_id}/waf/policy/{policy_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: 200Reques", "doc_type":"api", "kw":"Querying a Policy by ID,Policy Management,API Reference", @@ -191,8 +201,8 @@ }, { "uri":"UpdatePolicy.html", - "product_code":"dwaf", - "code":"20", + "product_code":"wafd", + "code":"21", "des":"This API is used to update a policy. The request body can contain only the part to be updated.PATCH /v1/{project_id}/waf/policy/{policy_id}Status code: 200Status code: 40", "doc_type":"api", "kw":"Updating a Policy,Policy Management,API Reference", @@ -201,8 +211,8 @@ }, { "uri":"DeletePolicy.html", - "product_code":"dwaf", - "code":"21", + "product_code":"wafd", + "code":"22", "des":"This API is used to delete a policy.DELETE /v1/{project_id}/waf/policy/{policy_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request ", "doc_type":"api", "kw":"Deleting a Policy,Policy Management,API Reference", @@ -211,8 +221,8 @@ }, { "uri":"topic_300000003.html", - "product_code":"dwaf", - "code":"22", + "product_code":"wafd", + "code":"23", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", "kw":"Rule Management", @@ -220,9 +230,19 @@ "githuburl":"" }, { - "uri":"ListWhiteblackipRule.html", - "product_code":"dwaf", - "code":"23", + "uri":"UpdatePolicyRuleStatus.html", + "product_code":"wafd", + "code":"24", + "des":"This API is used to change the status of a policy rule.PUT /v1/{project_id}/waf/policy/{policy_id}/{ruletype}/{rule_id}/statusStatus code: 200Status code: 400Status code:", + "doc_type":"api", + "kw":"Changing the Status of a Policy Rule,Rule Management,API Reference", + "title":"Changing the Status of a Policy Rule", + "githuburl":"" + }, + { + "uri":"ListWhiteblackipRules.html", + "product_code":"wafd", + "code":"25", "des":"This API is used to query the list of blacklist and whitelist rules.GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackipStatus code: 200Status code: 400Status code: 4", "doc_type":"api", "kw":"Querying the Blacklist and Whitelist Rule List,Rule Management,API Reference", @@ -231,9 +251,9 @@ }, { "uri":"CreateWhiteblackipRule.html", - "product_code":"dwaf", - "code":"24", - "des":"his API is used to create a blacklist or whitelist rule.POST /v1/{project_id}/waf/policy/{policy_id}/whiteblackipStatus code: 200Status code: 400Status code: 401Status co", + "product_code":"wafd", + "code":"26", + "des":"This API is used to create a blacklist or whitelist rule.POST /v1/{project_id}/waf/policy/{policy_id}/whiteblackipStatus code: 200Status code: 400Status code: 401Status c", "doc_type":"api", "kw":"Creating a Blacklist or Whitelist Rule,Rule Management,API Reference", "title":"Creating a Blacklist or Whitelist Rule", @@ -241,18 +261,18 @@ }, { "uri":"ShowWhiteblackipRule.html", - "product_code":"dwaf", - "code":"25", + "product_code":"wafd", + "code":"27", "des":"This API is used to query a blacklist or whitelist rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}Status code: 200Status code: 400Status cod", "doc_type":"api", - "kw":"Querying a Blacklist or Whitelist Rule,Rule Management,API Reference", - "title":"Querying a Blacklist or Whitelist Rule", + "kw":"Querying a Blacklist Or Whitelist Rule by ID,Rule Management,API Reference", + "title":"Querying a Blacklist Or Whitelist Rule by ID", "githuburl":"" }, { "uri":"UpdateWhiteblackipRule.html", - "product_code":"dwaf", - "code":"26", + "product_code":"wafd", + "code":"28", "des":"This API is used to update an IP address blacklist or whitelist rule.PUT /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}Status code: 200Status code: 400Sta", "doc_type":"api", "kw":"Updating a Blacklist or Whitelist Rule,Rule Management,API Reference", @@ -261,8 +281,8 @@ }, { "uri":"DeleteWhiteBlackIpRule.html", - "product_code":"dwaf", - "code":"27", + "product_code":"wafd", + "code":"29", "des":"This API is used to delete an IP address blacklist or whitelist rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}Status code: 200Status code: 400", "doc_type":"api", "kw":"Deleting a Blacklist or Whitelist Rule,Rule Management,API Reference", @@ -271,8 +291,8 @@ }, { "uri":"ListCcRules.html", - "product_code":"dwaf", - "code":"28", + "product_code":"wafd", + "code":"30", "des":"This API is used to query the list of CC attack protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/ccStatus code: 200Status code: 400Status code: 401Status code", "doc_type":"api", "kw":"Querying CC Attack Protection Rules,Rule Management,API Reference", @@ -281,8 +301,8 @@ }, { "uri":"CreateCcRule.html", - "product_code":"dwaf", - "code":"29", + "product_code":"wafd", + "code":"31", "des":"This API is used to create a CC attack protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/ccStatus code: 200Status code: 400Status code: 401Status code: 500Stat", "doc_type":"api", "kw":"Creating a CC Attack Protection Rule,Rule Management,API Reference", @@ -291,8 +311,8 @@ }, { "uri":"ShowCcRule.html", - "product_code":"dwaf", - "code":"30", + "product_code":"wafd", + "code":"32", "des":"This API is used to query a CC attack protection rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}Status code: 200Status code: 400Status code: 401Status", "doc_type":"api", "kw":"Querying a CC Attack Protection Rule by ID,Rule Management,API Reference", @@ -301,8 +321,8 @@ }, { "uri":"UpdateCcRule.html", - "product_code":"dwaf", - "code":"31", + "product_code":"wafd", + "code":"33", "des":"This API is used to update a CC attack protection rule.PUT /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}Status code: 200Status code: 400Status code: 401Status code", "doc_type":"api", "kw":"Updating a CC Attack Protection Rule,Rule Management,API Reference", @@ -311,8 +331,8 @@ }, { "uri":"DeleteCcRule.html", - "product_code":"dwaf", - "code":"32", + "product_code":"wafd", + "code":"34", "des":"This API is used to delete a CC attack protection rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}Status code: 200Status code: 400Status code: 401Status c", "doc_type":"api", "kw":"Deleting a CC Attack Protection Rule,Rule Management,API Reference", @@ -321,8 +341,8 @@ }, { "uri":"ListCustomRules.html", - "product_code":"dwaf", - "code":"33", + "product_code":"wafd", + "code":"35", "des":"This API is used to query the list of precise protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/customStatus code: 200Status code: 400Status code: 401Status co", "doc_type":"api", "kw":"Querying Precise Protection Rules,Rule Management,API Reference", @@ -331,8 +351,8 @@ }, { "uri":"CreateCustomRules.html", - "product_code":"dwaf", - "code":"34", + "product_code":"wafd", + "code":"36", "des":"This API is used to create a precise protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/customStatus code: 200Status code: 400Status code: 401Status code: 500St", "doc_type":"api", "kw":"Creating a Precise Protection Rule,Rule Management,API Reference", @@ -341,8 +361,8 @@ }, { "uri":"ShowCustomRule.html", - "product_code":"dwaf", - "code":"35", + "product_code":"wafd", + "code":"37", "des":"This API is used to query a precise protection rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}Status code: 200Status code: 400Status code: 401Stat", "doc_type":"api", "kw":"Querying a Precise Protection Rule by ID,Rule Management,API Reference", @@ -351,8 +371,8 @@ }, { "uri":"UpdateCustomRule.html", - "product_code":"dwaf", - "code":"36", + "product_code":"wafd", + "code":"38", "des":"This API is used to update a precise protection rule.PUT /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}Status code: 200Status code: 400Status code: 401Status co", "doc_type":"api", "kw":"Updating a Precise Protection Rule,Rule Management,API Reference", @@ -361,18 +381,68 @@ }, { "uri":"DeleteCustomRule.html", - "product_code":"dwaf", - "code":"37", + "product_code":"wafd", + "code":"39", "des":"This API is used to delete a precise protection rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}Status code: 200Status code: 400Status code: 401Status", "doc_type":"api", "kw":"Deleting a Precise Protection Rule,Rule Management,API Reference", "title":"Deleting a Precise Protection Rule", "githuburl":"" }, + { + "uri":"ListAnticrawlerRules.html", + "product_code":"wafd", + "code":"40", + "des":"This API is used to query the list of JavaScript anti-crawler rules.GET /v1/{project_id}/waf/policy/{policy_id}/anticrawlerStatus code: 200Status code: 400Status code: 40", + "doc_type":"api", + "kw":"Querying the JavaScript Anti-Crawler Rule List,Rule Management,API Reference", + "title":"Querying the JavaScript Anti-Crawler Rule List", + "githuburl":"" + }, + { + "uri":"CreateAnticrawlerRule.html", + "product_code":"wafd", + "code":"41", + "des":"This API is used to create a JavaScript anti-crawler rule.POST /v1/{project_id}/waf/policy/{policy_id}/anticrawlerStatus code: 200Status code: 400Status code: 401Status c", + "doc_type":"api", + "kw":"Creating a JavaScript Anti-Crawler Rule,Rule Management,API Reference", + "title":"Creating a JavaScript Anti-Crawler Rule", + "githuburl":"" + }, + { + "uri":"ShowAnticrawlerRule.html", + "product_code":"wafd", + "code":"42", + "des":"This API is used to query a JavaScript anti-crawler rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}Status code: 200Status code: 400Status cod", + "doc_type":"api", + "kw":"Querying a JavaScript Anti-Crawler Rule,Rule Management,API Reference", + "title":"Querying a JavaScript Anti-Crawler Rule", + "githuburl":"" + }, + { + "uri":"UpdateAnticrawlerRule.html", + "product_code":"wafd", + "code":"43", + "des":"This API is used to update a JavaScript anti-crawler rule.PUT /v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}Status code: 200Status code: 400Status code: 40", + "doc_type":"api", + "kw":"Updating a JavaScript Anti-Crawler Rule,Rule Management,API Reference", + "title":"Updating a JavaScript Anti-Crawler Rule", + "githuburl":"" + }, + { + "uri":"DeleteAnticrawlerRule.html", + "product_code":"wafd", + "code":"44", + "des":"This API is used to delete a JavaScript anti-crawler rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}Status code: 200Status code: 400Status code:", + "doc_type":"api", + "kw":"Deleting a JavaScript Anti-Crawler Rule,Rule Management,API Reference", + "title":"Deleting a JavaScript Anti-Crawler Rule", + "githuburl":"" + }, { "uri":"ListPrivacyRules.html", - "product_code":"dwaf", - "code":"38", + "product_code":"wafd", + "code":"45", "des":"This API is used to query the data masking rule list.GET /v1/{project_id}/waf/policy/{policy_id}/privacyStatus code: 200Status code: 400Status code: 401Status code: 500St", "doc_type":"api", "kw":"Querying the Data Masking Rule List,Rule Management,API Reference", @@ -381,9 +451,9 @@ }, { "uri":"CreatePrivacyRules.html", - "product_code":"dwaf", - "code":"39", - "des":"Creating a Data Masking RulePOST /v1/{project_id}/waf/policy/{policy_id}/privacyStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request su", + "product_code":"wafd", + "code":"46", + "des":"This API is used to create a data masking rule.POST /v1/{project_id}/waf/policy/{policy_id}/privacyStatus code: 200Status code: 400Status code: 401Status code: 500Status ", "doc_type":"api", "kw":"Creating a Data Masking Rule,Rule Management,API Reference", "title":"Creating a Data Masking Rule", @@ -391,8 +461,8 @@ }, { "uri":"ShowPrivacyRule.html", - "product_code":"dwaf", - "code":"40", + "product_code":"wafd", + "code":"47", "des":"This API is used to query a data masking rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 200Status code: 400Status code: 401Status co", "doc_type":"api", "kw":"Querying a Data Masking Rule by ID,Rule Management,API Reference", @@ -401,8 +471,8 @@ }, { "uri":"UpdatePrivacyRule.html", - "product_code":"dwaf", - "code":"41", + "product_code":"wafd", + "code":"48", "des":"This API is used to update the data masking rule list.PUT /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 200Status code: 400Status code: 401Status ", "doc_type":"api", "kw":"Updating the Data Masking Rule List,Rule Management,API Reference", @@ -411,19 +481,69 @@ }, { "uri":"DeletePrivacyRule.html", - "product_code":"dwaf", - "code":"42", - "des":"This API is used to delete a data masking rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 400Status code: 401Status code: 500Status code", + "product_code":"wafd", + "code":"49", + "des":"This API is used to delete a data masking rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 200Status code: 400Status code: 401Status code", "doc_type":"api", "kw":"Deleting a Data Masking Rule,Rule Management,API Reference", "title":"Deleting a Data Masking Rule", "githuburl":"" }, + { + "uri":"ListPunishmentRules.html", + "product_code":"wafd", + "code":"50", + "des":"This API is used to query the list of known attack source rules.GET /v1/{project_id}/waf/policy/{policy_id}/punishmentStatus code: 200Status code: 400Status code: 401Stat", + "doc_type":"api", + "kw":"Querying the List of Known Attack Source Rules,Rule Management,API Reference", + "title":"Querying the List of Known Attack Source Rules", + "githuburl":"" + }, + { + "uri":"CreatePunishmentRules.html", + "product_code":"wafd", + "code":"51", + "des":"This API is used to create a known attack source rule.POST /v1/{project_id}/waf/policy/{policy_id}/punishmentStatus code: 200Status code: 400Status code: 401Status code: ", + "doc_type":"api", + "kw":"Creating a Known Attack Source Rule,Rule Management,API Reference", + "title":"Creating a Known Attack Source Rule", + "githuburl":"" + }, + { + "uri":"ShowPunishmentRule.html", + "product_code":"wafd", + "code":"52", + "des":"This API is used to query a known attack source rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}Status code: 200Status code: 400Status code: 40", + "doc_type":"api", + "kw":"Querying a Known Attack Source Rule by ID,Rule Management,API Reference", + "title":"Querying a Known Attack Source Rule by ID", + "githuburl":"" + }, + { + "uri":"UpdatePunishmentRule.html", + "product_code":"wafd", + "code":"53", + "des":"This API is used update a known attack source rule.PUT /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}Status code: 200Status code: 400Status code: 401Status ", + "doc_type":"api", + "kw":"Updating a Known Attack Source Rule,Rule Management,API Reference", + "title":"Updating a Known Attack Source Rule", + "githuburl":"" + }, + { + "uri":"DeletePunishmentRule.html", + "product_code":"wafd", + "code":"54", + "des":"This API is used to delete a known attack source rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}Status code: 200Status code: 400Status code: 401S", + "doc_type":"api", + "kw":"Deleting a Known Attack Source Rule,Rule Management,API Reference", + "title":"Deleting a Known Attack Source Rule", + "githuburl":"" + }, { "uri":"ListAntitamperRules.html", - "product_code":"dwaf", - "code":"43", - "des":"This api is used to query the list of web tamper protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/antitamperStatus code: 200Status code: 400Status code: 401St", + "product_code":"wafd", + "code":"55", + "des":"This API is used to query the list of web tamper protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/antitamperStatus code: 200Status code: 400Status code: 401St", "doc_type":"api", "kw":"Querying the List of Web Tamper Protection Rules,Rule Management,API Reference", "title":"Querying the List of Web Tamper Protection Rules", @@ -431,8 +551,8 @@ }, { "uri":"CreateAntitamperRule.html", - "product_code":"dwaf", - "code":"44", + "product_code":"wafd", + "code":"56", "des":"This API is used to create a web tamper protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/antitamperStatus code: 200Status code: 400Status code: 401Status code", "doc_type":"api", "kw":"Creating a Web Tamper Protection Rule,Rule Management,API Reference", @@ -441,8 +561,8 @@ }, { "uri":"ShowAntitamperRule.html", - "product_code":"dwaf", - "code":"45", + "product_code":"wafd", + "code":"57", "des":"This API is used to query a web tamper protection rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}Status code: 200Status code: 400Status code: ", "doc_type":"api", "kw":"Querying a Web Tamper Protection Rule by ID,Rule Management,API Reference", @@ -451,18 +571,78 @@ }, { "uri":"DeleteAntitamperRule.html", - "product_code":"dwaf", - "code":"46", + "product_code":"wafd", + "code":"58", "des":"This API is used to delete a web tamper protection rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}Status code: 200Status code: 400Status code: 40", "doc_type":"api", "kw":"Deleting a Web Tamper Protection Rule,Rule Management,API Reference", "title":"Deleting a Web Tamper Protection Rule", "githuburl":"" }, + { + "uri":"UpdateAntiTamperRuleRefresh.html", + "product_code":"wafd", + "code":"59", + "des":"This API is used to updating the cache for a web tamper protection Rule.POST /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}/refreshStatus code: 200Status co", + "doc_type":"api", + "kw":"Updating the Cache for a Web Tamper Protection Rule,Rule Management,API Reference", + "title":"Updating the Cache for a Web Tamper Protection Rule", + "githuburl":"" + }, + { + "uri":"ListAntileakageRules.html", + "product_code":"wafd", + "code":"60", + "des":"This API is used to query the list of information leakage prevention rules.GET /v1/{project_id}/waf/policy/{policy_id}/antileakageStatus code: 200Status code: 400Status c", + "doc_type":"api", + "kw":"Querying the List of Information Leakage Prevention Rules,Rule Management,API Reference", + "title":"Querying the List of Information Leakage Prevention Rules", + "githuburl":"" + }, + { + "uri":"CreateAntileakageRules.html", + "product_code":"wafd", + "code":"61", + "des":"This API is used to create an infroamtion leakage protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/antileakageStatus code: 200Status code: 400Status code: 401", + "doc_type":"api", + "kw":"Creating an Information Leakage Protection Rule,Rule Management,API Reference", + "title":"Creating an Information Leakage Protection Rule", + "githuburl":"" + }, + { + "uri":"ShowAntileakageRule.html", + "product_code":"wafd", + "code":"62", + "des":"This API is used to query an information leakage prevention rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}Status code: 200Status code: 400St", + "doc_type":"api", + "kw":"Querying an Information Leakage Prevention Rule by ID,Rule Management,API Reference", + "title":"Querying an Information Leakage Prevention Rule by ID", + "githuburl":"" + }, + { + "uri":"UpdateAntileakageRule.html", + "product_code":"wafd", + "code":"63", + "des":"This API is used to update an information leakage prevention rule.PUT /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}Status code: 200Status code: 400Status ", + "doc_type":"api", + "kw":"Updating an Information Leakage Prevention Rule,Rule Management,API Reference", + "title":"Updating an Information Leakage Prevention Rule", + "githuburl":"" + }, + { + "uri":"DeleteAntileakageRule.html", + "product_code":"wafd", + "code":"64", + "des":"This API is used to delete an information leakage prevention rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}Status code: 200Status code: 400Stat", + "doc_type":"api", + "kw":"Deleting an Information Leakage Prevention Rule,Rule Management,API Reference", + "title":"Deleting an Information Leakage Prevention Rule", + "githuburl":"" + }, { "uri":"ListIgnoreRules.html", - "product_code":"dwaf", - "code":"47", + "product_code":"wafd", + "code":"65", "des":"This API is used to query the list of false alarm masking rules.GET /v1/{project_id}/waf/policy/{policy_id}/ignoreStatus code: 200Status code: 400Status code: 401Status c", "doc_type":"api", "kw":"Querying the False Alarm Masking Rule List,Rule Management,API Reference", @@ -471,38 +651,48 @@ }, { "uri":"CreateIgnoreRule.html", - "product_code":"dwaf", - "code":"48", - "des":"This API is used to create a false alarm masking rule.POST /v1/{project_id}/waf/policy/{policy_id}/ignoreStatus code: 200Status code: 400Status code: 401Status code: 500S", + "product_code":"wafd", + "code":"66", + "des":"This API is used to create a global protection whitelist (formerly false alarm masking) rule.POST /v1/{project_id}/waf/policy/{policy_id}/ignoreStatus code: 200Status cod", "doc_type":"api", - "kw":"Creating a False Alarm Masking Rule,Rule Management,API Reference", - "title":"Creating a False Alarm Masking Rule", + "kw":"Creating a Global Protection Whitelist (Formerly False Alarm Masking) Rule,Rule Management,API Refer", + "title":"Creating a Global Protection Whitelist (Formerly False Alarm Masking) Rule", "githuburl":"" }, { "uri":"ShowIgnoreRule.html", - "product_code":"dwaf", - "code":"49", - "des":"This API is used to query a false alarm masking rule.GET /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status code: 200Status code: 400Status code: 401Status co", + "product_code":"wafd", + "code":"67", + "des":"This API is used to querying a global protection whitelist (formerly false alarm masking) rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status co", "doc_type":"api", - "kw":"Querying a False Alarm Masking Rule,Rule Management,API Reference", - "title":"Querying a False Alarm Masking Rule", + "kw":"Querying a Global Protection Whitelist (Formerly False Alarm Masking) Rule by ID,Rule Management,API", + "title":"Querying a Global Protection Whitelist (Formerly False Alarm Masking) Rule by ID", + "githuburl":"" + }, + { + "uri":"UpdateIgnoreRule.html", + "product_code":"wafd", + "code":"68", + "des":"This API is used to update a global protection whitelist (false alarm masking) rule.PUT /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status code: 200Status cod", + "doc_type":"api", + "kw":"Updating a Global Protection Whitelist (False Alarm Masking) Rule,Rule Management,API Reference", + "title":"Updating a Global Protection Whitelist (False Alarm Masking) Rule", "githuburl":"" }, { "uri":"DeleteIgnoreRule.html", - "product_code":"dwaf", - "code":"50", - "des":"This API is used to query a false alarm masking rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status code: 200Status code: 400Status code: 401Status", + "product_code":"wafd", + "code":"69", + "des":"This API is used to deleting a global protection whitelist (false alarm masking) rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status code: 200Statu", "doc_type":"api", - "kw":"Deleting a False Alarm Masking Rule,Rule Management,API Reference", - "title":"Deleting a False Alarm Masking Rule", + "kw":"Deleting a Global Protection Whitelist (False Alarm Masking) Rule,Rule Management,API Reference", + "title":"Deleting a Global Protection Whitelist (False Alarm Masking) Rule", "githuburl":"" }, { - "uri":"ListGeoipRule.html", - "product_code":"dwaf", - "code":"51", + "uri":"ListGeoipRules.html", + "product_code":"wafd", + "code":"70", "des":"This API is used to query the list of geolocation access control rules.GET /v1/{project_id}/waf/policy/{policy_id}/geoipStatus code: 200Status code: 400Status code: 401St", "doc_type":"api", "kw":"Querying the List of Geolocation Access Control Rules,Rule Management,API Reference", @@ -511,18 +701,28 @@ }, { "uri":"CreateGeoipRule.html", - "product_code":"dwaf", - "code":"52", + "product_code":"wafd", + "code":"71", "des":"This API is used to create a geolocation access control rule.POST /v1/{project_id}/waf/policy/{policy_id}/geoipStatus code: 200Status code: 400Status code: 401Status code", "doc_type":"api", "kw":"Creating a Geolocation Access Control Rule,Rule Management,API Reference", "title":"Creating a Geolocation Access Control Rule", "githuburl":"" }, + { + "uri":"ShowGeoipRule.html", + "product_code":"wafd", + "code":"72", + "des":"This API is used to query a geolocation access control rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}Status code: 200Status code: 400Status code: ", + "doc_type":"api", + "kw":"Querying a Geolocation Access Control Rule by ID,Rule Management,API Reference", + "title":"Querying a Geolocation Access Control Rule by ID", + "githuburl":"" + }, { "uri":"UpdateGeoipRule.html", - "product_code":"dwaf", - "code":"53", + "product_code":"wafd", + "code":"73", "des":"This API is used to update a geolocation access control rule.PUT /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}Status code: 200Status code: 400Status code: 401St", "doc_type":"api", "kw":"Updating a Geolocation Access Control Rule,Rule Management,API Reference", @@ -531,28 +731,18 @@ }, { "uri":"DeleteGeoipRule.html", - "product_code":"dwaf", - "code":"54", + "product_code":"wafd", + "code":"74", "des":"This API is used to delete a geolocation access control rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}Status code: 200Status code: 400Status code: 40", "doc_type":"api", "kw":"Deleting a Geolocation Access Control Rule,Rule Management,API Reference", "title":"Deleting a Geolocation Access Control Rule", "githuburl":"" }, - { - "uri":"UpdatePolicyRuleStatus.html", - "product_code":"dwaf", - "code":"55", - "des":"This API is used to change the status of a policy rule.PUT /v1/{project_id}/waf/policy/{policy_id}/{ruletype}/{rule_id}/statusStatus code: 400Status code: 401Status code:", - "doc_type":"api", - "kw":"Changing the Status of a Policy Rule,Rule Management,API Reference", - "title":"Changing the Status of a Policy Rule", - "githuburl":"" - }, { "uri":"ListValueList.html", - "product_code":"dwaf", - "code":"56", + "product_code":"wafd", + "code":"75", "des":"This API is used to query the reference table list. A reference table can be referenced by CC attack protection rules and precise protection rules. For details about how ", "doc_type":"api", "kw":"Querying the Reference Table List,Rule Management,API Reference", @@ -561,19 +751,29 @@ }, { "uri":"CreateValueList.html", - "product_code":"dwaf", - "code":"57", + "product_code":"wafd", + "code":"76", "des":"This API is used to create a reference table. A reference table can be referenced by CC attack protection rules and precise protection rules. For details about how to use", "doc_type":"api", - "kw":"Adding a Reference Table,Rule Management,API Reference", - "title":"Adding a Reference Table", + "kw":"Creating a Reference Table,Rule Management,API Reference", + "title":"Creating a Reference Table", + "githuburl":"" + }, + { + "uri":"ShowValueList.html", + "product_code":"wafd", + "code":"77", + "des":"This API is used to query a reference table by ID.GET /v1/{project_id}/waf/valuelist/{table_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code", + "doc_type":"api", + "kw":"Querying a Reference Table by ID,Rule Management,API Reference", + "title":"Querying a Reference Table by ID", "githuburl":"" }, { "uri":"UpdateValueList.html", - "product_code":"dwaf", - "code":"58", - "des":"This API is used to modify a reference table.PUT /v1/{project_id}/waf/valuelist/{valuelistid}Status code: 200Status code: 400Status code: 401Status code: 500Status code: ", + "product_code":"wafd", + "code":"78", + "des":"This API is used to modify a reference table.PUT /v1/{project_id}/waf/valuelist/{table_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: 200", "doc_type":"api", "kw":"Modifying a Reference Table,Rule Management,API Reference", "title":"Modifying a Reference Table", @@ -581,9 +781,9 @@ }, { "uri":"DeleteValueList.html", - "product_code":"dwaf", - "code":"59", - "des":"This API is used to delete a reference table.DELETE /v1/{project_id}/waf/valuelist/{valuelistid}Status code: 200Status code: 400Status code: 401Status code: 500Status cod", + "product_code":"wafd", + "code":"79", + "des":"This API is used to delete a reference table.DELETE /v1/{project_id}/waf/valuelist/{table_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: ", "doc_type":"api", "kw":"Deleting a Reference Table,Rule Management,API Reference", "title":"Deleting a Reference Table", @@ -591,8 +791,8 @@ }, { "uri":"topic_300000004.html", - "product_code":"dwaf", - "code":"60", + "product_code":"wafd", + "code":"80", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", "kw":"Certificate Management", @@ -601,8 +801,8 @@ }, { "uri":"ListCertificates.html", - "product_code":"dwaf", - "code":"61", + "product_code":"wafd", + "code":"81", "des":"This API is used to query the certificate list.GET /v1/{project_id}/waf/certificateStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request", "doc_type":"api", "kw":"Querying the Certificate List,Certificate Management,API Reference", @@ -611,8 +811,8 @@ }, { "uri":"CreateCertificate.html", - "product_code":"dwaf", - "code":"62", + "product_code":"wafd", + "code":"82", "des":"This API is used to create a certificate.POST /v1/{project_id}/waf/certificateStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request succ", "doc_type":"api", "kw":"Creating a Certificate,Certificate Management,API Reference", @@ -621,8 +821,8 @@ }, { "uri":"ShowCertificate.html", - "product_code":"dwaf", - "code":"63", + "product_code":"wafd", + "code":"83", "des":"This API is used to query a certificate.GET /v1/{project_id}/waf/certificate/{certificate_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: ", "doc_type":"api", "kw":"Querying a Certificate,Certificate Management,API Reference", @@ -631,8 +831,8 @@ }, { "uri":"DeleteCertificate.html", - "product_code":"dwaf", - "code":"64", + "product_code":"wafd", + "code":"84", "des":"This API is used to delete a certificate.DELETE /v1/{project_id}/waf/certificate/{certificate_id}Status code: 200Status code: 400Status code: 401Status code: 500Status co", "doc_type":"api", "kw":"Deleting a Certificate,Certificate Management,API Reference", @@ -641,8 +841,8 @@ }, { "uri":"topic_300000005.html", - "product_code":"dwaf", - "code":"65", + "product_code":"wafd", + "code":"85", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", "kw":"Dashboard", @@ -651,8 +851,8 @@ }, { "uri":"ListStatistics.html", - "product_code":"dwaf", - "code":"66", + "product_code":"wafd", + "code":"86", "des":"This API is used to query website request statistics.GET /v1/{project_id}/waf/overviews/statisticsStatus code: 200Status code: 400Status code: 401Status code: 500Status c", "doc_type":"api", "kw":"Querying Website Request Statistics,Dashboard,API Reference", @@ -661,8 +861,8 @@ }, { "uri":"ListQpsTimeline.html", - "product_code":"dwaf", - "code":"67", + "product_code":"wafd", + "code":"87", "des":"This API is used to query the website QPS statistics.GET /v1/{project_id}/waf/overviews/qps/timelineStatus code: 200Status code: 400Status code: 401Status code: 500Status", "doc_type":"api", "kw":"Querying the QPS Statistics,Dashboard,API Reference", @@ -671,8 +871,8 @@ }, { "uri":"ListBandwidthTimeline.html", - "product_code":"dwaf", - "code":"68", + "product_code":"wafd", + "code":"88", "des":"This API is used to query bandwidth usage statistics.GET /v1/{project_id}/waf/overviews/bandwidth/timelineStatus code: 200Status code: 400Status code: 401Status code: 500", "doc_type":"api", "kw":"Querying Bandwidth Usage Statistics,Dashboard,API Reference", @@ -681,8 +881,8 @@ }, { "uri":"topic_300000006.html", - "product_code":"dwaf", - "code":"69", + "product_code":"wafd", + "code":"89", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", "kw":"Event Management", @@ -691,9 +891,9 @@ }, { "uri":"ListEvent.html", - "product_code":"dwaf", - "code":"70", - "des":"This API is used to query the list of attack events for a specific period. It cannot be used to query all attack events. The pagesize parameter cannot be set to -1.GET /v", + "product_code":"wafd", + "code":"90", + "des":"This API is used to query the list of attack events for a specific period.GET /v1/{project_id}/waf/eventStatus code: 200Status code: 400Status code: 401Status code: 500St", "doc_type":"api", "kw":"Querying the List of Attack Events,Event Management,API Reference", "title":"Querying the List of Attack Events", @@ -701,18 +901,48 @@ }, { "uri":"ShowEvent.html", - "product_code":"dwaf", - "code":"71", + "product_code":"wafd", + "code":"91", "des":"This API is used to query the details about an attack event.GET /v1/{project_id}/waf/event/{eventid}Status code: 200Status code: 400Status code: 401Status code: 500Status", "doc_type":"api", "kw":"Querying Attack Event Details,Event Management,API Reference", "title":"Querying Attack Event Details", "githuburl":"" }, + { + "uri":"waf_02_0119.html", + "product_code":"wafd", + "code":"92", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Permissions and Supported Actions", + "title":"Permissions and Supported Actions", + "githuburl":"" + }, + { + "uri":"waf_02_0129.html", + "product_code":"wafd", + "code":"93", + "des":"This chapter describes fine-grained permissions management for your WAF. If your account does not need individual IAM users, then you may skip over this chapter.By defaul", + "doc_type":"api", + "kw":"Introduction,Permissions and Supported Actions,API Reference", + "title":"Introduction", + "githuburl":"" + }, + { + "uri":"waf_02_0139.html", + "product_code":"wafd", + "code":"94", + "des":"WAF provides system-defined policies that can be directly used in IAM. You can also create custom policies and use them to supplement system-defined policies, implementin", + "doc_type":"api", + "kw":"Supported Actions,Permissions and Supported Actions,API Reference", + "title":"Supported Actions", + "githuburl":"" + }, { "uri":"waf_02_0084.html", - "product_code":"dwaf", - "code":"72", + "product_code":"wafd", + "code":"95", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", "kw":"Appendix", @@ -721,8 +951,8 @@ }, { "uri":"waf_02_0085.html", - "product_code":"dwaf", - "code":"73", + "product_code":"wafd", + "code":"96", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", "kw":"Status Codes,Appendix,API Reference", @@ -731,8 +961,8 @@ }, { "uri":"ErrorCode.html", - "product_code":"dwaf", - "code":"74", + "product_code":"wafd", + "code":"97", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", "kw":"Error Codes,Appendix,API Reference", @@ -741,18 +971,28 @@ }, { "uri":"waf_02_0086.html", - "product_code":"dwaf", - "code":"75", + "product_code":"wafd", + "code":"98", "des":"Character Set Specifications for KeyThe key cannot be left blank or be an empty string.In Deutsche Telekom, a tag key can contain uppercase letters, lowercase letters, di", "doc_type":"api", "kw":"Character Set Specifications,Appendix,API Reference", "title":"Character Set Specifications", "githuburl":"" }, + { + "uri":"waf_02_0186.html", + "product_code":"wafd", + "code":"99", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"api", + "kw":"Geographical Location Codes,Appendix,API Reference", + "title":"Geographical Location Codes", + "githuburl":"" + }, { "uri":"waf_02_0087.html", - "product_code":"dwaf", - "code":"76", + "product_code":"wafd", + "code":"100", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"api", "kw":"Change History,API Reference", diff --git a/docs/wafd/api-ref/CLASS.TXT.json b/docs/wafd/api-ref/CLASS.TXT.json index 70c5aada..3c07fea9 100644 --- a/docs/wafd/api-ref/CLASS.TXT.json +++ b/docs/wafd/api-ref/CLASS.TXT.json @@ -1,7 +1,7 @@ [ { "desc":"Public cloud APIs comply with the RESTful API design principles. REST-based Web services are organized into resources. Each resource is identified by one or more Uniform ", - "product_code":"dwaf", + "product_code":"wafd", "title":"API Usage Guidelines", "uri":"waf_02_0001.html", "doc_type":"api", @@ -10,7 +10,7 @@ }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"APIs", "uri":"waf_02_0007.html", "doc_type":"api", @@ -19,7 +19,7 @@ }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"Dedicated Instance Management", "uri":"topic_300000000.html", "doc_type":"api", @@ -28,7 +28,7 @@ }, { "desc":"This API is used to create a dedicated WAF enginePOST /v1/{project_id}/premium-waf/instanceStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 20", - "product_code":"dwaf", + "product_code":"wafd", "title":"Creating a Dedicated WAF Engine", "uri":"CreateInstance.html", "doc_type":"api", @@ -37,7 +37,7 @@ }, { "desc":"This API is used to query the list of dedicated WAF engines.GET /v1/{project_id}/premium-waf/instanceStatus code: 200Status code: 400Status code: 401Status code: 500Statu", - "product_code":"dwaf", + "product_code":"wafd", "title":"Querying the List of Dedicated WAF Engines", "uri":"ListInstance.html", "doc_type":"api", @@ -46,7 +46,7 @@ }, { "desc":"This API is used to query details about a dedicated WAF engine.GET /v1/{project_id}/premium-waf/instance/{instance_id}Status code: 200Status code: 400Status code: 401Stat", - "product_code":"dwaf", + "product_code":"wafd", "title":"Querying Details about a Dedicated WAF Engine", "uri":"ShowInstance.html", "doc_type":"api", @@ -55,7 +55,7 @@ }, { "desc":"This API is used to rename a dedicated WAF enginePUT /v1/{project_id}/premium-waf/instance/{instance_id}Status code: 200Status code: 400Status code: 401Status code: 500St", - "product_code":"dwaf", + "product_code":"wafd", "title":"Renaming a Dedicated WAF Engine", "uri":"RenameInstance.html", "doc_type":"api", @@ -64,7 +64,7 @@ }, { "desc":"This API is used to delete a dedicated WAF engine.DELETE /v1/{project_id}/premium-waf/instance/{instance_id}Status code: 200Status code: 400Status code: 401Status code: 5", - "product_code":"dwaf", + "product_code":"wafd", "title":"Deleting a Dedicated WAF Engine", "uri":"DeleteInstance.html", "doc_type":"api", @@ -73,7 +73,7 @@ }, { "desc":"This API is used to operate a dedicated WAF instance.POST /v1/{project_id}/premium-waf/instance/{instance_id}/actionStatus code: 200Status code: 400Status code: 401Status", - "product_code":"dwaf", + "product_code":"wafd", "title":"Operations on a Dedicated WAF Instance", "uri":"UpgradeInstance.html", "doc_type":"api", @@ -82,7 +82,7 @@ }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"Managing Websites Protected in Dedicated Mode", "uri":"topic_300000001.html", "doc_type":"api", @@ -90,8 +90,8 @@ "code":"10" }, { - "desc":"Adding a Protected Domain NamePOST /v1/{project_id}/premium-waf/hostStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request succeeded.See ", - "product_code":"dwaf", + "desc":"This API is used to add a domain name to WAF.POST /v1/{project_id}/premium-waf/hostStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request", + "product_code":"wafd", "title":"Adding a Protected Domain Name", "uri":"CreatePremiumHost.html", "doc_type":"api", @@ -99,8 +99,8 @@ "code":"11" }, { - "desc":"Querying Domain Names Protected by Dedicated WAF EnginesGET /v1/{project_id}/premium-waf/hostStatus code: 200Status code: 400Status code: 401Status code: 500Status code: ", - "product_code":"dwaf", + "desc":"This API is used to query domain names protected by dedicated WAF engines.GET /v1/{project_id}/premium-waf/hostStatus code: 200Status code: 400Status code: 401Status code", + "product_code":"wafd", "title":"Querying Domain Names Protected by Dedicated WAF Engines", "uri":"ListPremiumHost.html", "doc_type":"api", @@ -109,7 +109,7 @@ }, { "desc":"This API is used to query domain name settings in dedicated mode.GET /v1/{project_id}/premium-waf/host/{host_id}Status code: 200Status code: 400Status code: 401Status cod", - "product_code":"dwaf", + "product_code":"wafd", "title":"Querying Domain Name Settings in Dedicated Mode", "uri":"ShowPremiumHost.html", "doc_type":"api", @@ -118,7 +118,7 @@ }, { "desc":"This API is used to modify a domain name protected by a dedicated WAF instance.PUT /v1/{project_id}/premium-waf/host/{host_id}Status code: 200Status code: 400Status code:", - "product_code":"dwaf", + "product_code":"wafd", "title":"Modifying a Domain Name Protected by a Dedicated WAF Instance", "uri":"UpdatePremiumHost.html", "doc_type":"api", @@ -127,560 +127,776 @@ }, { "desc":"This API is used to delete a domain name from a dedicated WAF instance.DELETE /v1/{project_id}/premium-waf/host/{host_id}Status code: 200Status code: 400Status code: 401S", - "product_code":"dwaf", + "product_code":"wafd", "title":"Deleting a Domain Name from a Dedicated WAF Instance", "uri":"DeletePremiumHost.html", "doc_type":"api", "p_code":"10", "code":"15" }, + { + "desc":"This API is used to modify the protection status of a domain name connected to a dedicated WAF instance.PUT /v1/{project_id}/premium-waf/host/{host_id}/protect_statusStat", + "product_code":"wafd", + "title":"Modifying the Protection Status of a Domain Name in Dedicated Mode", + "uri":"UpdatePremiumHostProtectStatus.html", + "doc_type":"api", + "p_code":"10", + "code":"16" + }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"Policy Management", "uri":"topic_300000002.html", "doc_type":"api", "p_code":"2", - "code":"16" - }, - { - "desc":"This API is used to query the list of protection policies.GET /v1/{project_id}/waf/policyStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200R", - "product_code":"dwaf", - "title":"Querying Protection Policies", - "uri":"ListPolicy.html", - "doc_type":"api", - "p_code":"16", "code":"17" }, { - "desc":"This API is used to create a policyPOST /v1/{project_id}/waf/policyStatus code: 200Status code: 400Status code: 401Status code: 403Status code: 500Status code: 200okSee E", - "product_code":"dwaf", - "title":"Creating a Policy", - "uri":"CreatePolicy.html", + "desc":"This API is used to query the list of protection policies.GET /v1/{project_id}/waf/policyStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200R", + "product_code":"wafd", + "title":"Querying Protection Policies", + "uri":"ListPolicy.html", "doc_type":"api", - "p_code":"16", + "p_code":"17", "code":"18" }, { - "desc":"This API is used to query a policy by ID.GET /v1/{project_id}/waf/policy/{policy_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: 200Reques", - "product_code":"dwaf", - "title":"Querying a Policy by ID", - "uri":"ShowPolicy.html", + "desc":"This API is used to create a policyPOST /v1/{project_id}/waf/policyStatus code: 200Status code: 400Status code: 401Status code: 403Status code: 500Status code: 200okSee E", + "product_code":"wafd", + "title":"Creating a Policy", + "uri":"CreatePolicy.html", "doc_type":"api", - "p_code":"16", + "p_code":"17", "code":"19" }, { - "desc":"This API is used to update a policy. The request body can contain only the part to be updated.PATCH /v1/{project_id}/waf/policy/{policy_id}Status code: 200Status code: 40", - "product_code":"dwaf", - "title":"Updating a Policy", - "uri":"UpdatePolicy.html", + "desc":"This API is used to query a policy by ID.GET /v1/{project_id}/waf/policy/{policy_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: 200Reques", + "product_code":"wafd", + "title":"Querying a Policy by ID", + "uri":"ShowPolicy.html", "doc_type":"api", - "p_code":"16", + "p_code":"17", "code":"20" }, { - "desc":"This API is used to delete a policy.DELETE /v1/{project_id}/waf/policy/{policy_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request ", - "product_code":"dwaf", - "title":"Deleting a Policy", - "uri":"DeletePolicy.html", + "desc":"This API is used to update a policy. The request body can contain only the part to be updated.PATCH /v1/{project_id}/waf/policy/{policy_id}Status code: 200Status code: 40", + "product_code":"wafd", + "title":"Updating a Policy", + "uri":"UpdatePolicy.html", "doc_type":"api", - "p_code":"16", + "p_code":"17", "code":"21" }, + { + "desc":"This API is used to delete a policy.DELETE /v1/{project_id}/waf/policy/{policy_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request ", + "product_code":"wafd", + "title":"Deleting a Policy", + "uri":"DeletePolicy.html", + "doc_type":"api", + "p_code":"17", + "code":"22" + }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"Rule Management", "uri":"topic_300000003.html", "doc_type":"api", "p_code":"2", - "code":"22" - }, - { - "desc":"This API is used to query the list of blacklist and whitelist rules.GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackipStatus code: 200Status code: 400Status code: 4", - "product_code":"dwaf", - "title":"Querying the Blacklist and Whitelist Rule List", - "uri":"ListWhiteblackipRule.html", - "doc_type":"api", - "p_code":"22", "code":"23" }, { - "desc":"his API is used to create a blacklist or whitelist rule.POST /v1/{project_id}/waf/policy/{policy_id}/whiteblackipStatus code: 200Status code: 400Status code: 401Status co", - "product_code":"dwaf", - "title":"Creating a Blacklist or Whitelist Rule", - "uri":"CreateWhiteblackipRule.html", - "doc_type":"api", - "p_code":"22", - "code":"24" - }, - { - "desc":"This API is used to query a blacklist or whitelist rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}Status code: 200Status code: 400Status cod", - "product_code":"dwaf", - "title":"Querying a Blacklist or Whitelist Rule", - "uri":"ShowWhiteblackipRule.html", - "doc_type":"api", - "p_code":"22", - "code":"25" - }, - { - "desc":"This API is used to update an IP address blacklist or whitelist rule.PUT /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}Status code: 200Status code: 400Sta", - "product_code":"dwaf", - "title":"Updating a Blacklist or Whitelist Rule", - "uri":"UpdateWhiteblackipRule.html", - "doc_type":"api", - "p_code":"22", - "code":"26" - }, - { - "desc":"This API is used to delete an IP address blacklist or whitelist rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}Status code: 200Status code: 400", - "product_code":"dwaf", - "title":"Deleting a Blacklist or Whitelist Rule", - "uri":"DeleteWhiteBlackIpRule.html", - "doc_type":"api", - "p_code":"22", - "code":"27" - }, - { - "desc":"This API is used to query the list of CC attack protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/ccStatus code: 200Status code: 400Status code: 401Status code", - "product_code":"dwaf", - "title":"Querying CC Attack Protection Rules", - "uri":"ListCcRules.html", - "doc_type":"api", - "p_code":"22", - "code":"28" - }, - { - "desc":"This API is used to create a CC attack protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/ccStatus code: 200Status code: 400Status code: 401Status code: 500Stat", - "product_code":"dwaf", - "title":"Creating a CC Attack Protection Rule", - "uri":"CreateCcRule.html", - "doc_type":"api", - "p_code":"22", - "code":"29" - }, - { - "desc":"This API is used to query a CC attack protection rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}Status code: 200Status code: 400Status code: 401Status", - "product_code":"dwaf", - "title":"Querying a CC Attack Protection Rule by ID", - "uri":"ShowCcRule.html", - "doc_type":"api", - "p_code":"22", - "code":"30" - }, - { - "desc":"This API is used to update a CC attack protection rule.PUT /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}Status code: 200Status code: 400Status code: 401Status code", - "product_code":"dwaf", - "title":"Updating a CC Attack Protection Rule", - "uri":"UpdateCcRule.html", - "doc_type":"api", - "p_code":"22", - "code":"31" - }, - { - "desc":"This API is used to delete a CC attack protection rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}Status code: 200Status code: 400Status code: 401Status c", - "product_code":"dwaf", - "title":"Deleting a CC Attack Protection Rule", - "uri":"DeleteCcRule.html", - "doc_type":"api", - "p_code":"22", - "code":"32" - }, - { - "desc":"This API is used to query the list of precise protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/customStatus code: 200Status code: 400Status code: 401Status co", - "product_code":"dwaf", - "title":"Querying Precise Protection Rules", - "uri":"ListCustomRules.html", - "doc_type":"api", - "p_code":"22", - "code":"33" - }, - { - "desc":"This API is used to create a precise protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/customStatus code: 200Status code: 400Status code: 401Status code: 500St", - "product_code":"dwaf", - "title":"Creating a Precise Protection Rule", - "uri":"CreateCustomRules.html", - "doc_type":"api", - "p_code":"22", - "code":"34" - }, - { - "desc":"This API is used to query a precise protection rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}Status code: 200Status code: 400Status code: 401Stat", - "product_code":"dwaf", - "title":"Querying a Precise Protection Rule by ID", - "uri":"ShowCustomRule.html", - "doc_type":"api", - "p_code":"22", - "code":"35" - }, - { - "desc":"This API is used to update a precise protection rule.PUT /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}Status code: 200Status code: 400Status code: 401Status co", - "product_code":"dwaf", - "title":"Updating a Precise Protection Rule", - "uri":"UpdateCustomRule.html", - "doc_type":"api", - "p_code":"22", - "code":"36" - }, - { - "desc":"This API is used to delete a precise protection rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}Status code: 200Status code: 400Status code: 401Status", - "product_code":"dwaf", - "title":"Deleting a Precise Protection Rule", - "uri":"DeleteCustomRule.html", - "doc_type":"api", - "p_code":"22", - "code":"37" - }, - { - "desc":"This API is used to query the data masking rule list.GET /v1/{project_id}/waf/policy/{policy_id}/privacyStatus code: 200Status code: 400Status code: 401Status code: 500St", - "product_code":"dwaf", - "title":"Querying the Data Masking Rule List", - "uri":"ListPrivacyRules.html", - "doc_type":"api", - "p_code":"22", - "code":"38" - }, - { - "desc":"Creating a Data Masking RulePOST /v1/{project_id}/waf/policy/{policy_id}/privacyStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request su", - "product_code":"dwaf", - "title":"Creating a Data Masking Rule", - "uri":"CreatePrivacyRules.html", - "doc_type":"api", - "p_code":"22", - "code":"39" - }, - { - "desc":"This API is used to query a data masking rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 200Status code: 400Status code: 401Status co", - "product_code":"dwaf", - "title":"Querying a Data Masking Rule by ID", - "uri":"ShowPrivacyRule.html", - "doc_type":"api", - "p_code":"22", - "code":"40" - }, - { - "desc":"This API is used to update the data masking rule list.PUT /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 200Status code: 400Status code: 401Status ", - "product_code":"dwaf", - "title":"Updating the Data Masking Rule List", - "uri":"UpdatePrivacyRule.html", - "doc_type":"api", - "p_code":"22", - "code":"41" - }, - { - "desc":"This API is used to delete a data masking rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 400Status code: 401Status code: 500Status code", - "product_code":"dwaf", - "title":"Deleting a Data Masking Rule", - "uri":"DeletePrivacyRule.html", - "doc_type":"api", - "p_code":"22", - "code":"42" - }, - { - "desc":"This api is used to query the list of web tamper protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/antitamperStatus code: 200Status code: 400Status code: 401St", - "product_code":"dwaf", - "title":"Querying the List of Web Tamper Protection Rules", - "uri":"ListAntitamperRules.html", - "doc_type":"api", - "p_code":"22", - "code":"43" - }, - { - "desc":"This API is used to create a web tamper protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/antitamperStatus code: 200Status code: 400Status code: 401Status code", - "product_code":"dwaf", - "title":"Creating a Web Tamper Protection Rule", - "uri":"CreateAntitamperRule.html", - "doc_type":"api", - "p_code":"22", - "code":"44" - }, - { - "desc":"This API is used to query a web tamper protection rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}Status code: 200Status code: 400Status code: ", - "product_code":"dwaf", - "title":"Querying a Web Tamper Protection Rule by ID", - "uri":"ShowAntitamperRule.html", - "doc_type":"api", - "p_code":"22", - "code":"45" - }, - { - "desc":"This API is used to delete a web tamper protection rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}Status code: 200Status code: 400Status code: 40", - "product_code":"dwaf", - "title":"Deleting a Web Tamper Protection Rule", - "uri":"DeleteAntitamperRule.html", - "doc_type":"api", - "p_code":"22", - "code":"46" - }, - { - "desc":"This API is used to query the list of false alarm masking rules.GET /v1/{project_id}/waf/policy/{policy_id}/ignoreStatus code: 200Status code: 400Status code: 401Status c", - "product_code":"dwaf", - "title":"Querying the False Alarm Masking Rule List", - "uri":"ListIgnoreRules.html", - "doc_type":"api", - "p_code":"22", - "code":"47" - }, - { - "desc":"This API is used to create a false alarm masking rule.POST /v1/{project_id}/waf/policy/{policy_id}/ignoreStatus code: 200Status code: 400Status code: 401Status code: 500S", - "product_code":"dwaf", - "title":"Creating a False Alarm Masking Rule", - "uri":"CreateIgnoreRule.html", - "doc_type":"api", - "p_code":"22", - "code":"48" - }, - { - "desc":"This API is used to query a false alarm masking rule.GET /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status code: 200Status code: 400Status code: 401Status co", - "product_code":"dwaf", - "title":"Querying a False Alarm Masking Rule", - "uri":"ShowIgnoreRule.html", - "doc_type":"api", - "p_code":"22", - "code":"49" - }, - { - "desc":"This API is used to query a false alarm masking rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status code: 200Status code: 400Status code: 401Status", - "product_code":"dwaf", - "title":"Deleting a False Alarm Masking Rule", - "uri":"DeleteIgnoreRule.html", - "doc_type":"api", - "p_code":"22", - "code":"50" - }, - { - "desc":"This API is used to query the list of geolocation access control rules.GET /v1/{project_id}/waf/policy/{policy_id}/geoipStatus code: 200Status code: 400Status code: 401St", - "product_code":"dwaf", - "title":"Querying the List of Geolocation Access Control Rules", - "uri":"ListGeoipRule.html", - "doc_type":"api", - "p_code":"22", - "code":"51" - }, - { - "desc":"This API is used to create a geolocation access control rule.POST /v1/{project_id}/waf/policy/{policy_id}/geoipStatus code: 200Status code: 400Status code: 401Status code", - "product_code":"dwaf", - "title":"Creating a Geolocation Access Control Rule", - "uri":"CreateGeoipRule.html", - "doc_type":"api", - "p_code":"22", - "code":"52" - }, - { - "desc":"This API is used to update a geolocation access control rule.PUT /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}Status code: 200Status code: 400Status code: 401St", - "product_code":"dwaf", - "title":"Updating a Geolocation Access Control Rule", - "uri":"UpdateGeoipRule.html", - "doc_type":"api", - "p_code":"22", - "code":"53" - }, - { - "desc":"This API is used to delete a geolocation access control rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}Status code: 200Status code: 400Status code: 40", - "product_code":"dwaf", - "title":"Deleting a Geolocation Access Control Rule", - "uri":"DeleteGeoipRule.html", - "doc_type":"api", - "p_code":"22", - "code":"54" - }, - { - "desc":"This API is used to change the status of a policy rule.PUT /v1/{project_id}/waf/policy/{policy_id}/{ruletype}/{rule_id}/statusStatus code: 400Status code: 401Status code:", - "product_code":"dwaf", + "desc":"This API is used to change the status of a policy rule.PUT /v1/{project_id}/waf/policy/{policy_id}/{ruletype}/{rule_id}/statusStatus code: 200Status code: 400Status code:", + "product_code":"wafd", "title":"Changing the Status of a Policy Rule", "uri":"UpdatePolicyRuleStatus.html", "doc_type":"api", - "p_code":"22", + "p_code":"23", + "code":"24" + }, + { + "desc":"This API is used to query the list of blacklist and whitelist rules.GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackipStatus code: 200Status code: 400Status code: 4", + "product_code":"wafd", + "title":"Querying the Blacklist and Whitelist Rule List", + "uri":"ListWhiteblackipRules.html", + "doc_type":"api", + "p_code":"23", + "code":"25" + }, + { + "desc":"This API is used to create a blacklist or whitelist rule.POST /v1/{project_id}/waf/policy/{policy_id}/whiteblackipStatus code: 200Status code: 400Status code: 401Status c", + "product_code":"wafd", + "title":"Creating a Blacklist or Whitelist Rule", + "uri":"CreateWhiteblackipRule.html", + "doc_type":"api", + "p_code":"23", + "code":"26" + }, + { + "desc":"This API is used to query a blacklist or whitelist rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}Status code: 200Status code: 400Status cod", + "product_code":"wafd", + "title":"Querying a Blacklist Or Whitelist Rule by ID", + "uri":"ShowWhiteblackipRule.html", + "doc_type":"api", + "p_code":"23", + "code":"27" + }, + { + "desc":"This API is used to update an IP address blacklist or whitelist rule.PUT /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}Status code: 200Status code: 400Sta", + "product_code":"wafd", + "title":"Updating a Blacklist or Whitelist Rule", + "uri":"UpdateWhiteblackipRule.html", + "doc_type":"api", + "p_code":"23", + "code":"28" + }, + { + "desc":"This API is used to delete an IP address blacklist or whitelist rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}Status code: 200Status code: 400", + "product_code":"wafd", + "title":"Deleting a Blacklist or Whitelist Rule", + "uri":"DeleteWhiteBlackIpRule.html", + "doc_type":"api", + "p_code":"23", + "code":"29" + }, + { + "desc":"This API is used to query the list of CC attack protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/ccStatus code: 200Status code: 400Status code: 401Status code", + "product_code":"wafd", + "title":"Querying CC Attack Protection Rules", + "uri":"ListCcRules.html", + "doc_type":"api", + "p_code":"23", + "code":"30" + }, + { + "desc":"This API is used to create a CC attack protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/ccStatus code: 200Status code: 400Status code: 401Status code: 500Stat", + "product_code":"wafd", + "title":"Creating a CC Attack Protection Rule", + "uri":"CreateCcRule.html", + "doc_type":"api", + "p_code":"23", + "code":"31" + }, + { + "desc":"This API is used to query a CC attack protection rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}Status code: 200Status code: 400Status code: 401Status", + "product_code":"wafd", + "title":"Querying a CC Attack Protection Rule by ID", + "uri":"ShowCcRule.html", + "doc_type":"api", + "p_code":"23", + "code":"32" + }, + { + "desc":"This API is used to update a CC attack protection rule.PUT /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}Status code: 200Status code: 400Status code: 401Status code", + "product_code":"wafd", + "title":"Updating a CC Attack Protection Rule", + "uri":"UpdateCcRule.html", + "doc_type":"api", + "p_code":"23", + "code":"33" + }, + { + "desc":"This API is used to delete a CC attack protection rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}Status code: 200Status code: 400Status code: 401Status c", + "product_code":"wafd", + "title":"Deleting a CC Attack Protection Rule", + "uri":"DeleteCcRule.html", + "doc_type":"api", + "p_code":"23", + "code":"34" + }, + { + "desc":"This API is used to query the list of precise protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/customStatus code: 200Status code: 400Status code: 401Status co", + "product_code":"wafd", + "title":"Querying Precise Protection Rules", + "uri":"ListCustomRules.html", + "doc_type":"api", + "p_code":"23", + "code":"35" + }, + { + "desc":"This API is used to create a precise protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/customStatus code: 200Status code: 400Status code: 401Status code: 500St", + "product_code":"wafd", + "title":"Creating a Precise Protection Rule", + "uri":"CreateCustomRules.html", + "doc_type":"api", + "p_code":"23", + "code":"36" + }, + { + "desc":"This API is used to query a precise protection rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}Status code: 200Status code: 400Status code: 401Stat", + "product_code":"wafd", + "title":"Querying a Precise Protection Rule by ID", + "uri":"ShowCustomRule.html", + "doc_type":"api", + "p_code":"23", + "code":"37" + }, + { + "desc":"This API is used to update a precise protection rule.PUT /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}Status code: 200Status code: 400Status code: 401Status co", + "product_code":"wafd", + "title":"Updating a Precise Protection Rule", + "uri":"UpdateCustomRule.html", + "doc_type":"api", + "p_code":"23", + "code":"38" + }, + { + "desc":"This API is used to delete a precise protection rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}Status code: 200Status code: 400Status code: 401Status", + "product_code":"wafd", + "title":"Deleting a Precise Protection Rule", + "uri":"DeleteCustomRule.html", + "doc_type":"api", + "p_code":"23", + "code":"39" + }, + { + "desc":"This API is used to query the list of JavaScript anti-crawler rules.GET /v1/{project_id}/waf/policy/{policy_id}/anticrawlerStatus code: 200Status code: 400Status code: 40", + "product_code":"wafd", + "title":"Querying the JavaScript Anti-Crawler Rule List", + "uri":"ListAnticrawlerRules.html", + "doc_type":"api", + "p_code":"23", + "code":"40" + }, + { + "desc":"This API is used to create a JavaScript anti-crawler rule.POST /v1/{project_id}/waf/policy/{policy_id}/anticrawlerStatus code: 200Status code: 400Status code: 401Status c", + "product_code":"wafd", + "title":"Creating a JavaScript Anti-Crawler Rule", + "uri":"CreateAnticrawlerRule.html", + "doc_type":"api", + "p_code":"23", + "code":"41" + }, + { + "desc":"This API is used to query a JavaScript anti-crawler rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}Status code: 200Status code: 400Status cod", + "product_code":"wafd", + "title":"Querying a JavaScript Anti-Crawler Rule", + "uri":"ShowAnticrawlerRule.html", + "doc_type":"api", + "p_code":"23", + "code":"42" + }, + { + "desc":"This API is used to update a JavaScript anti-crawler rule.PUT /v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}Status code: 200Status code: 400Status code: 40", + "product_code":"wafd", + "title":"Updating a JavaScript Anti-Crawler Rule", + "uri":"UpdateAnticrawlerRule.html", + "doc_type":"api", + "p_code":"23", + "code":"43" + }, + { + "desc":"This API is used to delete a JavaScript anti-crawler rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}Status code: 200Status code: 400Status code:", + "product_code":"wafd", + "title":"Deleting a JavaScript Anti-Crawler Rule", + "uri":"DeleteAnticrawlerRule.html", + "doc_type":"api", + "p_code":"23", + "code":"44" + }, + { + "desc":"This API is used to query the data masking rule list.GET /v1/{project_id}/waf/policy/{policy_id}/privacyStatus code: 200Status code: 400Status code: 401Status code: 500St", + "product_code":"wafd", + "title":"Querying the Data Masking Rule List", + "uri":"ListPrivacyRules.html", + "doc_type":"api", + "p_code":"23", + "code":"45" + }, + { + "desc":"This API is used to create a data masking rule.POST /v1/{project_id}/waf/policy/{policy_id}/privacyStatus code: 200Status code: 400Status code: 401Status code: 500Status ", + "product_code":"wafd", + "title":"Creating a Data Masking Rule", + "uri":"CreatePrivacyRules.html", + "doc_type":"api", + "p_code":"23", + "code":"46" + }, + { + "desc":"This API is used to query a data masking rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 200Status code: 400Status code: 401Status co", + "product_code":"wafd", + "title":"Querying a Data Masking Rule by ID", + "uri":"ShowPrivacyRule.html", + "doc_type":"api", + "p_code":"23", + "code":"47" + }, + { + "desc":"This API is used to update the data masking rule list.PUT /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 200Status code: 400Status code: 401Status ", + "product_code":"wafd", + "title":"Updating the Data Masking Rule List", + "uri":"UpdatePrivacyRule.html", + "doc_type":"api", + "p_code":"23", + "code":"48" + }, + { + "desc":"This API is used to delete a data masking rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}Status code: 200Status code: 400Status code: 401Status code", + "product_code":"wafd", + "title":"Deleting a Data Masking Rule", + "uri":"DeletePrivacyRule.html", + "doc_type":"api", + "p_code":"23", + "code":"49" + }, + { + "desc":"This API is used to query the list of known attack source rules.GET /v1/{project_id}/waf/policy/{policy_id}/punishmentStatus code: 200Status code: 400Status code: 401Stat", + "product_code":"wafd", + "title":"Querying the List of Known Attack Source Rules", + "uri":"ListPunishmentRules.html", + "doc_type":"api", + "p_code":"23", + "code":"50" + }, + { + "desc":"This API is used to create a known attack source rule.POST /v1/{project_id}/waf/policy/{policy_id}/punishmentStatus code: 200Status code: 400Status code: 401Status code: ", + "product_code":"wafd", + "title":"Creating a Known Attack Source Rule", + "uri":"CreatePunishmentRules.html", + "doc_type":"api", + "p_code":"23", + "code":"51" + }, + { + "desc":"This API is used to query a known attack source rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}Status code: 200Status code: 400Status code: 40", + "product_code":"wafd", + "title":"Querying a Known Attack Source Rule by ID", + "uri":"ShowPunishmentRule.html", + "doc_type":"api", + "p_code":"23", + "code":"52" + }, + { + "desc":"This API is used update a known attack source rule.PUT /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}Status code: 200Status code: 400Status code: 401Status ", + "product_code":"wafd", + "title":"Updating a Known Attack Source Rule", + "uri":"UpdatePunishmentRule.html", + "doc_type":"api", + "p_code":"23", + "code":"53" + }, + { + "desc":"This API is used to delete a known attack source rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}Status code: 200Status code: 400Status code: 401S", + "product_code":"wafd", + "title":"Deleting a Known Attack Source Rule", + "uri":"DeletePunishmentRule.html", + "doc_type":"api", + "p_code":"23", + "code":"54" + }, + { + "desc":"This API is used to query the list of web tamper protection rules.GET /v1/{project_id}/waf/policy/{policy_id}/antitamperStatus code: 200Status code: 400Status code: 401St", + "product_code":"wafd", + "title":"Querying the List of Web Tamper Protection Rules", + "uri":"ListAntitamperRules.html", + "doc_type":"api", + "p_code":"23", "code":"55" }, { - "desc":"This API is used to query the reference table list. A reference table can be referenced by CC attack protection rules and precise protection rules. For details about how ", - "product_code":"dwaf", - "title":"Querying the Reference Table List", - "uri":"ListValueList.html", + "desc":"This API is used to create a web tamper protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/antitamperStatus code: 200Status code: 400Status code: 401Status code", + "product_code":"wafd", + "title":"Creating a Web Tamper Protection Rule", + "uri":"CreateAntitamperRule.html", "doc_type":"api", - "p_code":"22", + "p_code":"23", "code":"56" }, { - "desc":"This API is used to create a reference table. A reference table can be referenced by CC attack protection rules and precise protection rules. For details about how to use", - "product_code":"dwaf", - "title":"Adding a Reference Table", - "uri":"CreateValueList.html", + "desc":"This API is used to query a web tamper protection rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}Status code: 200Status code: 400Status code: ", + "product_code":"wafd", + "title":"Querying a Web Tamper Protection Rule by ID", + "uri":"ShowAntitamperRule.html", "doc_type":"api", - "p_code":"22", + "p_code":"23", "code":"57" }, { - "desc":"This API is used to modify a reference table.PUT /v1/{project_id}/waf/valuelist/{valuelistid}Status code: 200Status code: 400Status code: 401Status code: 500Status code: ", - "product_code":"dwaf", - "title":"Modifying a Reference Table", - "uri":"UpdateValueList.html", + "desc":"This API is used to delete a web tamper protection rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}Status code: 200Status code: 400Status code: 40", + "product_code":"wafd", + "title":"Deleting a Web Tamper Protection Rule", + "uri":"DeleteAntitamperRule.html", "doc_type":"api", - "p_code":"22", + "p_code":"23", "code":"58" }, { - "desc":"This API is used to delete a reference table.DELETE /v1/{project_id}/waf/valuelist/{valuelistid}Status code: 200Status code: 400Status code: 401Status code: 500Status cod", - "product_code":"dwaf", - "title":"Deleting a Reference Table", - "uri":"DeleteValueList.html", + "desc":"This API is used to updating the cache for a web tamper protection Rule.POST /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}/refreshStatus code: 200Status co", + "product_code":"wafd", + "title":"Updating the Cache for a Web Tamper Protection Rule", + "uri":"UpdateAntiTamperRuleRefresh.html", "doc_type":"api", - "p_code":"22", + "p_code":"23", "code":"59" }, + { + "desc":"This API is used to query the list of information leakage prevention rules.GET /v1/{project_id}/waf/policy/{policy_id}/antileakageStatus code: 200Status code: 400Status c", + "product_code":"wafd", + "title":"Querying the List of Information Leakage Prevention Rules", + "uri":"ListAntileakageRules.html", + "doc_type":"api", + "p_code":"23", + "code":"60" + }, + { + "desc":"This API is used to create an infroamtion leakage protection rule.POST /v1/{project_id}/waf/policy/{policy_id}/antileakageStatus code: 200Status code: 400Status code: 401", + "product_code":"wafd", + "title":"Creating an Information Leakage Protection Rule", + "uri":"CreateAntileakageRules.html", + "doc_type":"api", + "p_code":"23", + "code":"61" + }, + { + "desc":"This API is used to query an information leakage prevention rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}Status code: 200Status code: 400St", + "product_code":"wafd", + "title":"Querying an Information Leakage Prevention Rule by ID", + "uri":"ShowAntileakageRule.html", + "doc_type":"api", + "p_code":"23", + "code":"62" + }, + { + "desc":"This API is used to update an information leakage prevention rule.PUT /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}Status code: 200Status code: 400Status ", + "product_code":"wafd", + "title":"Updating an Information Leakage Prevention Rule", + "uri":"UpdateAntileakageRule.html", + "doc_type":"api", + "p_code":"23", + "code":"63" + }, + { + "desc":"This API is used to delete an information leakage prevention rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}Status code: 200Status code: 400Stat", + "product_code":"wafd", + "title":"Deleting an Information Leakage Prevention Rule", + "uri":"DeleteAntileakageRule.html", + "doc_type":"api", + "p_code":"23", + "code":"64" + }, + { + "desc":"This API is used to query the list of false alarm masking rules.GET /v1/{project_id}/waf/policy/{policy_id}/ignoreStatus code: 200Status code: 400Status code: 401Status c", + "product_code":"wafd", + "title":"Querying the False Alarm Masking Rule List", + "uri":"ListIgnoreRules.html", + "doc_type":"api", + "p_code":"23", + "code":"65" + }, + { + "desc":"This API is used to create a global protection whitelist (formerly false alarm masking) rule.POST /v1/{project_id}/waf/policy/{policy_id}/ignoreStatus code: 200Status cod", + "product_code":"wafd", + "title":"Creating a Global Protection Whitelist (Formerly False Alarm Masking) Rule", + "uri":"CreateIgnoreRule.html", + "doc_type":"api", + "p_code":"23", + "code":"66" + }, + { + "desc":"This API is used to querying a global protection whitelist (formerly false alarm masking) rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status co", + "product_code":"wafd", + "title":"Querying a Global Protection Whitelist (Formerly False Alarm Masking) Rule by ID", + "uri":"ShowIgnoreRule.html", + "doc_type":"api", + "p_code":"23", + "code":"67" + }, + { + "desc":"This API is used to update a global protection whitelist (false alarm masking) rule.PUT /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status code: 200Status cod", + "product_code":"wafd", + "title":"Updating a Global Protection Whitelist (False Alarm Masking) Rule", + "uri":"UpdateIgnoreRule.html", + "doc_type":"api", + "p_code":"23", + "code":"68" + }, + { + "desc":"This API is used to deleting a global protection whitelist (false alarm masking) rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}Status code: 200Statu", + "product_code":"wafd", + "title":"Deleting a Global Protection Whitelist (False Alarm Masking) Rule", + "uri":"DeleteIgnoreRule.html", + "doc_type":"api", + "p_code":"23", + "code":"69" + }, + { + "desc":"This API is used to query the list of geolocation access control rules.GET /v1/{project_id}/waf/policy/{policy_id}/geoipStatus code: 200Status code: 400Status code: 401St", + "product_code":"wafd", + "title":"Querying the List of Geolocation Access Control Rules", + "uri":"ListGeoipRules.html", + "doc_type":"api", + "p_code":"23", + "code":"70" + }, + { + "desc":"This API is used to create a geolocation access control rule.POST /v1/{project_id}/waf/policy/{policy_id}/geoipStatus code: 200Status code: 400Status code: 401Status code", + "product_code":"wafd", + "title":"Creating a Geolocation Access Control Rule", + "uri":"CreateGeoipRule.html", + "doc_type":"api", + "p_code":"23", + "code":"71" + }, + { + "desc":"This API is used to query a geolocation access control rule by ID.GET /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}Status code: 200Status code: 400Status code: ", + "product_code":"wafd", + "title":"Querying a Geolocation Access Control Rule by ID", + "uri":"ShowGeoipRule.html", + "doc_type":"api", + "p_code":"23", + "code":"72" + }, + { + "desc":"This API is used to update a geolocation access control rule.PUT /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}Status code: 200Status code: 400Status code: 401St", + "product_code":"wafd", + "title":"Updating a Geolocation Access Control Rule", + "uri":"UpdateGeoipRule.html", + "doc_type":"api", + "p_code":"23", + "code":"73" + }, + { + "desc":"This API is used to delete a geolocation access control rule.DELETE /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}Status code: 200Status code: 400Status code: 40", + "product_code":"wafd", + "title":"Deleting a Geolocation Access Control Rule", + "uri":"DeleteGeoipRule.html", + "doc_type":"api", + "p_code":"23", + "code":"74" + }, + { + "desc":"This API is used to query the reference table list. A reference table can be referenced by CC attack protection rules and precise protection rules. For details about how ", + "product_code":"wafd", + "title":"Querying the Reference Table List", + "uri":"ListValueList.html", + "doc_type":"api", + "p_code":"23", + "code":"75" + }, + { + "desc":"This API is used to create a reference table. A reference table can be referenced by CC attack protection rules and precise protection rules. For details about how to use", + "product_code":"wafd", + "title":"Creating a Reference Table", + "uri":"CreateValueList.html", + "doc_type":"api", + "p_code":"23", + "code":"76" + }, + { + "desc":"This API is used to query a reference table by ID.GET /v1/{project_id}/waf/valuelist/{table_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code", + "product_code":"wafd", + "title":"Querying a Reference Table by ID", + "uri":"ShowValueList.html", + "doc_type":"api", + "p_code":"23", + "code":"77" + }, + { + "desc":"This API is used to modify a reference table.PUT /v1/{project_id}/waf/valuelist/{table_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: 200", + "product_code":"wafd", + "title":"Modifying a Reference Table", + "uri":"UpdateValueList.html", + "doc_type":"api", + "p_code":"23", + "code":"78" + }, + { + "desc":"This API is used to delete a reference table.DELETE /v1/{project_id}/waf/valuelist/{table_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: ", + "product_code":"wafd", + "title":"Deleting a Reference Table", + "uri":"DeleteValueList.html", + "doc_type":"api", + "p_code":"23", + "code":"79" + }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"Certificate Management", "uri":"topic_300000004.html", "doc_type":"api", "p_code":"2", - "code":"60" + "code":"80" }, { "desc":"This API is used to query the certificate list.GET /v1/{project_id}/waf/certificateStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request", - "product_code":"dwaf", + "product_code":"wafd", "title":"Querying the Certificate List", "uri":"ListCertificates.html", "doc_type":"api", - "p_code":"60", - "code":"61" + "p_code":"80", + "code":"81" }, { "desc":"This API is used to create a certificate.POST /v1/{project_id}/waf/certificateStatus code: 200Status code: 400Status code: 401Status code: 500Status code: 200Request succ", - "product_code":"dwaf", + "product_code":"wafd", "title":"Creating a Certificate", "uri":"CreateCertificate.html", "doc_type":"api", - "p_code":"60", - "code":"62" + "p_code":"80", + "code":"82" }, { "desc":"This API is used to query a certificate.GET /v1/{project_id}/waf/certificate/{certificate_id}Status code: 200Status code: 400Status code: 401Status code: 500Status code: ", - "product_code":"dwaf", + "product_code":"wafd", "title":"Querying a Certificate", "uri":"ShowCertificate.html", "doc_type":"api", - "p_code":"60", - "code":"63" + "p_code":"80", + "code":"83" }, { "desc":"This API is used to delete a certificate.DELETE /v1/{project_id}/waf/certificate/{certificate_id}Status code: 200Status code: 400Status code: 401Status code: 500Status co", - "product_code":"dwaf", + "product_code":"wafd", "title":"Deleting a Certificate", "uri":"DeleteCertificate.html", "doc_type":"api", - "p_code":"60", - "code":"64" + "p_code":"80", + "code":"84" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"Dashboard", "uri":"topic_300000005.html", "doc_type":"api", "p_code":"2", - "code":"65" + "code":"85" }, { "desc":"This API is used to query website request statistics.GET /v1/{project_id}/waf/overviews/statisticsStatus code: 200Status code: 400Status code: 401Status code: 500Status c", - "product_code":"dwaf", + "product_code":"wafd", "title":"Querying Website Request Statistics", "uri":"ListStatistics.html", "doc_type":"api", - "p_code":"65", - "code":"66" + "p_code":"85", + "code":"86" }, { "desc":"This API is used to query the website QPS statistics.GET /v1/{project_id}/waf/overviews/qps/timelineStatus code: 200Status code: 400Status code: 401Status code: 500Status", - "product_code":"dwaf", + "product_code":"wafd", "title":"Querying the QPS Statistics", "uri":"ListQpsTimeline.html", "doc_type":"api", - "p_code":"65", - "code":"67" + "p_code":"85", + "code":"87" }, { "desc":"This API is used to query bandwidth usage statistics.GET /v1/{project_id}/waf/overviews/bandwidth/timelineStatus code: 200Status code: 400Status code: 401Status code: 500", - "product_code":"dwaf", + "product_code":"wafd", "title":"Querying Bandwidth Usage Statistics", "uri":"ListBandwidthTimeline.html", "doc_type":"api", - "p_code":"65", - "code":"68" + "p_code":"85", + "code":"88" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"Event Management", "uri":"topic_300000006.html", "doc_type":"api", "p_code":"2", - "code":"69" + "code":"89" }, { - "desc":"This API is used to query the list of attack events for a specific period. It cannot be used to query all attack events. The pagesize parameter cannot be set to -1.GET /v", - "product_code":"dwaf", + "desc":"This API is used to query the list of attack events for a specific period.GET /v1/{project_id}/waf/eventStatus code: 200Status code: 400Status code: 401Status code: 500St", + "product_code":"wafd", "title":"Querying the List of Attack Events", "uri":"ListEvent.html", "doc_type":"api", - "p_code":"69", - "code":"70" + "p_code":"89", + "code":"90" }, { "desc":"This API is used to query the details about an attack event.GET /v1/{project_id}/waf/event/{eventid}Status code: 200Status code: 400Status code: 401Status code: 500Status", - "product_code":"dwaf", + "product_code":"wafd", "title":"Querying Attack Event Details", "uri":"ShowEvent.html", "doc_type":"api", - "p_code":"69", - "code":"71" + "p_code":"89", + "code":"91" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", + "title":"Permissions and Supported Actions", + "uri":"waf_02_0119.html", + "doc_type":"api", + "p_code":"", + "code":"92" + }, + { + "desc":"This chapter describes fine-grained permissions management for your WAF. If your account does not need individual IAM users, then you may skip over this chapter.By defaul", + "product_code":"wafd", + "title":"Introduction", + "uri":"waf_02_0129.html", + "doc_type":"api", + "p_code":"92", + "code":"93" + }, + { + "desc":"WAF provides system-defined policies that can be directly used in IAM. You can also create custom policies and use them to supplement system-defined policies, implementin", + "product_code":"wafd", + "title":"Supported Actions", + "uri":"waf_02_0139.html", + "doc_type":"api", + "p_code":"92", + "code":"94" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"wafd", "title":"Appendix", "uri":"waf_02_0084.html", "doc_type":"api", "p_code":"", - "code":"72" + "code":"95" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"Status Codes", "uri":"waf_02_0085.html", "doc_type":"api", - "p_code":"72", - "code":"73" + "p_code":"95", + "code":"96" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", "title":"Error Codes", "uri":"ErrorCode.html", "doc_type":"api", - "p_code":"72", - "code":"74" + "p_code":"95", + "code":"97" }, { "desc":"Character Set Specifications for KeyThe key cannot be left blank or be an empty string.In Deutsche Telekom, a tag key can contain uppercase letters, lowercase letters, di", - "product_code":"dwaf", + "product_code":"wafd", "title":"Character Set Specifications", "uri":"waf_02_0086.html", "doc_type":"api", - "p_code":"72", - "code":"75" + "p_code":"95", + "code":"98" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", - "product_code":"dwaf", + "product_code":"wafd", + "title":"Geographical Location Codes", + "uri":"waf_02_0186.html", + "doc_type":"api", + "p_code":"95", + "code":"99" + }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"wafd", "title":"Change History", "uri":"waf_02_0087.html", "doc_type":"api", "p_code":"", - "code":"76" + "code":"100" } ] \ No newline at end of file diff --git a/docs/wafd/api-ref/CreateAnticrawlerRule.html b/docs/wafd/api-ref/CreateAnticrawlerRule.html new file mode 100644 index 00000000..ca1b4a2a --- /dev/null +++ b/docs/wafd/api-ref/CreateAnticrawlerRule.html @@ -0,0 +1,386 @@ + + +

Creating a JavaScript Anti-Crawler Rule

+

Function

This API is used to create a JavaScript anti-crawler rule.

+
+

URI

POST /v1/{project_id}/waf/policy/{policy_id}/anticrawler

+ +
+ + + + + + + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

Project ID. To obtain it, go to Cloud management console and hover the cursor over your username. On the displayed window, choose My Credentials. Then, in the Projects area, view Project ID of the corresponding project.

+

policy_id

+

Yes

+

String

+

ID of a protection policy. You can specify a protection policy ID to query the rules used in the protection policy. You can obtain the policy ID by calling the ListPolicy API.

+
+
+ +
+ + + + + + + + + + + +
Table 2 Query Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

enterprise_project_id

+

No

+

String

+

You can obtain the ID by calling the ListEnterpriseProject API of EPS.

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + + + + + + +
Table 3 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

+

Content-Type

+

Yes

+

String

+

Content type.

+

Default: application/json;charset=utf8

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 4 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

url

+

Yes

+

String

+

URL to which the rule applies.

+

logic

+

Yes

+

Integer

+

Rule matching logic

+

  • 1: Include

    +

  • 2: Not include

    +

  • 3: Equal

    +

  • 4: Not equal

    +

  • 5: Prefix is

    +

  • 6: Prefix is not

    +

  • 7: Suffix is

    +

  • 8: Suffix is not

    +
+

name

+

Yes

+

String

+

Rule name.

+

type

+

Yes

+

String

+

JavaScript anti-crawler rule type.

+

  • anticrawler_specific_url: used to protect a specific path specified by the rule.

    +

  • anticrawler_except_url: used to protect all paths except the one specified by the rule.

    +
+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 5 Response body parameters

Parameter

+

Type

+

Description

+

policyid

+

String

+

Policy ID.

+

id

+

String

+

Rule ID.

+

url

+

String

+

URL to which the rule applies.

+

logic

+

Integer

+

Rule matching logic

+

  • 1: Include

    +

  • 2: Not include

    +

  • 3: Equal

    +

  • 4: Not equal

    +

  • 5: Prefix is

    +

  • 6: Prefix is not

    +

  • 7: Suffix is

    +

  • 8: Suffix is not

    +
+

name

+

String

+

Rule name.

+

type

+

String

+

JavaScript anti-crawler rule type.

+

  • anticrawler_specific_url: used to protect a specific path specified by the rule.

    +

  • anticrawler_except_url: used to protect all paths except the one specified by the rule.

    +
+

timestamp

+

Long

+

Timestamp the rule is created.

+

status

+

Integer

+

Rule status. The value can be 0 or 1.

+

  • 0: The rule is disabled.

    +

  • 1: The rule is enabled.

    +
+
+
+

Status code: 400

+ +
+ + + + + + + + + + + + + +
Table 6 Response body parameters

Parameter

+

Type

+

Description

+

error_code

+

String

+

Error code

+

error_msg

+

String

+

Error message

+
+
+

Status code: 401

+ +
+ + + + + + + + + + + + + +
Table 7 Response body parameters

Parameter

+

Type

+

Description

+

error_code

+

String

+

Error code

+

error_msg

+

String

+

Error message

+
+
+

Status code: 500

+ +
+ + + + + + + + + + + + + +
Table 8 Response body parameters

Parameter

+

Type

+

Description

+

error_code

+

String

+

Error code

+

error_msg

+

String

+

Error message

+
+
+
+

Example Requests

POST https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/anticrawler?
+
+{
+  "url" : "/patent/id",
+  "logic" : 3,
+  "name" : "test2",
+  "type" : "anticrawler_except_url"
+}
+
+

Example Responses

Status code: 200

+

ok

+
{
+  "id" : "607d14b8153540c0af51a00fe2140d05",
+  "policyid" : "777716e0b7b84b5192b9d373f7c6d4f0",
+  "name" : "test2",
+  "timestamp" : 1675152776784,
+  "status" : 1,
+  "url" : "/patent/id",
+  "logic" : 1,
+  "type" : "anticrawler_except_url"
+}
+
+

Status Codes

+
+ + + + + + + + + + + + + + + + +

Status Code

+

Description

+

200

+

ok

+

400

+

Request failed.

+

401

+

The token does not have required permissions.

+

500

+

Internal server error.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Rule Management
+
+
+ diff --git a/docs/wafd/api-ref/CreateAntileakageRules.html b/docs/wafd/api-ref/CreateAntileakageRules.html new file mode 100644 index 00000000..6b7474c7 --- /dev/null +++ b/docs/wafd/api-ref/CreateAntileakageRules.html @@ -0,0 +1,355 @@ + + +

Creating an Information Leakage Protection Rule

+

Function

This API is used to create an infroamtion leakage protection rule.

+
+

URI

POST /v1/{project_id}/waf/policy/{policy_id}/antileakage

+ +
+ + + + + + + + + + + + + + + + +
Table 1 Path Parameters

Parameter

+

Mandatory

+

Type

+

Description

+

project_id

+

Yes

+

String

+

project_id

+

policy_id

+

Yes

+

String

+

Policy ID. It can be obtained by calling the ListPolicy API.

+
+
+
+

Request Parameters

+
+ + + + + + + + + + + + + + + + +
Table 2 Request header parameters

Parameter

+

Mandatory

+

Type

+

Description

+

X-Auth-Token

+

Yes

+

String

+

auth token

+

Content-Type

+

Yes

+

String

+

Content type.

+

Default: application/json;charset=utf8

+
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 3 Request body parameters

Parameter

+

Mandatory

+

Type

+

Description

+

url

+

Yes

+

String

+

URL to which the rule applies.

+

category

+

Yes

+

String

+

Sensitive information type in the information leakage prevention rule.

+

  • sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.

    +

  • code: The rule blocks response pages of specified HTTP response code.

    +
+

Enumeration values:

+

  • code

    +

  • sensitive

    +
+

contents

+

Yes

+

Array of strings

+

Content corresponding to the sensitive information type. Multiple options can be set.

+

  • When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.

    +

  • When category is set to sensitive, parameters phone, id_card, and email can be set.

    +
+

description

+

No

+

String

+

Description

+
+
+
+

Response Parameters

Status code: 200

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 4 Response body parameters

Parameter

+

Type

+

Description

+

id

+

String

+

Rule ID

+

url

+

String

+

URL to which the rule applies.

+

category

+

String

+

Sensitive information type in the information leakage prevention rule.

+

  • sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.

    +

  • code: The rule blocks response pages of specified HTTP response code.

    +
+

Enumeration values:

+

  • code

    +

  • sensitive

    +
+

contents

+

Array of strings

+

Content corresponding to the sensitive information type. Multiple options can be set.

+

  • When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.

    +

  • When category is set to sensitive, parameters phone, id_card, and email can be set.

    +
+

timestamp

+

Long

+

Timestamp the rule is created.

+

description

+

String

+

Rule description.

+

status

+

Integer

+

Rule status. The value can be:

+

  • 0: The rule is disabled.

    +

  • 1: The rule is enabled.

    +
+

Enumeration values:

+

  • 0

    +

  • 1

    +
+
+
+

Status code: 400

+ +
+ + + + + + + + + + + + + +
Table 5 Response body parameters

Parameter

+

Type

+

Description

+

error_code

+

String

+

Error code

+

error_msg

+

String

+

Error message

+
+
+

Status code: 401

+ +
+ + + + + + + + + + + + + +
Table 6 Response body parameters

Parameter

+

Type

+

Description

+

error_code

+

String

+

Error code

+

error_msg

+

String

+

Error message

+
+
+

Status code: 500

+ +
+ + + + + + + + + + + + + +
Table 7 Response body parameters

Parameter

+

Type

+

Description

+

error_code

+

String

+

Error code

+

error_msg

+

String

+

Error message

+
+
+
+

Example Requests

POST https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/antileakage?
+
+{
+  "url" : "/attack",
+  "category" : "sensitive",
+  "contents" : [ "id_card" ]
+}
+
+

Example Responses

Status code: 200

+

Request succeeded.

+
{
+  "id" : "82c4f04f84fd4b2b9ba4b4ea0df8ee82",
+  "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+  "timestamp" : 1668152426471,
+  "description" : "demo",
+  "status" : 1,
+  "url" : "/attack",
+  "category" : "sensitive",
+  "contents" : [ "id_card" ]
+}
+
+

Status Codes

+
+ + + + + + + + + + + + + + + + +

Status Code

+

Description

+

200

+

Request succeeded.

+

400

+

Request failed.

+

401

+

The token does not have required permissions.

+

500

+

Internal server error.

+
+
+
+

Error Codes

See Error Codes.

+
+
+
+
+
Parent topic: Rule Management
+
+
+ diff --git a/docs/wafd/api-ref/CreateAntitamperRule.html b/docs/wafd/api-ref/CreateAntitamperRule.html index ba8d8cb7..fa6a06dc 100644 --- a/docs/wafd/api-ref/CreateAntitamperRule.html +++ b/docs/wafd/api-ref/CreateAntitamperRule.html @@ -3,7 +3,7 @@

Creating a Web Tamper Protection Rule

Function

This API is used to create a web tamper protection rule.

-

URI

POST /v1/{project_id}/waf/policy/{policy_id}/antitamper

+

URI

POST /v1/{project_id}/waf/policy/{policy_id}/antitamper

@@ -30,7 +30,7 @@ - @@ -164,7 +164,7 @@ -
Table 1 Path Parameters

Parameter

String

Policy ID

+

Policy ID. It can be obtained by calling the ListPolicy API.

String

Domain name protected by the web tamper protection rule

+

The domain name of the website protected with the web tamper protection rule. The domain name is in the format of xxx.xxx.com, such as www.example.com.

url

diff --git a/docs/wafd/api-ref/CreateCcRule.html b/docs/wafd/api-ref/CreateCcRule.html index 7d412fbc..f4c837c6 100644 --- a/docs/wafd/api-ref/CreateCcRule.html +++ b/docs/wafd/api-ref/CreateCcRule.html @@ -3,7 +3,7 @@

Creating a CC Attack Protection Rule

Function

This API is used to create a CC attack protection rule.

-

URI

POST /v1/{project_id}/waf/policy/{policy_id}/cc

+

URI

POST /v1/{project_id}/waf/policy/{policy_id}/cc

@@ -30,7 +30,7 @@ - @@ -81,7 +81,127 @@ - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -90,84 +210,11 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Table 1 Path Parameters

Parameter

String

Policy ID. It can be obtained by calling the API Querying Protection Policies.

+

Policy ID. It can be obtained by calling the ListPolicy API.

description

+

mode

+

Yes

+

Integer

+

Protection mode of the CC attack protection rule, which corresponds to the Mode field in the Add CC Attack Protection Rule dialog box on the WAF console.

+

  • 0: standard. Only the protected paths of domain names can be specified.

    +

  • 1: The path, IP address, cookie, header, and params fields can all be set.

    +
+

Enumeration values:

+

  • 0

    +

  • 1

    +
+

url

+

Yes

+

String

+

Path to be protected in the CC attack protection rule. This parameter is mandatory when the CC attack protection rule is in standard mode (i.e. the value of mode is 0).

+

conditions

+

No

+

Array of CcCondition objects

+

Rate limit conditions of the CC protection rule. This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1).

+

action

+

Yes

+

action object

+

Protection action to take if the number of requests reaches the upper limit.

+

tag_type

+

Yes

+

String

+

Rate limit mode.

+

  • ip: IP-based rate limiting. Website visitors are identified by IP address.

    +

  • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

    +

  • header: User-based rate limiting. Website visitors are identified by the header field.

    +

  • other: Website visitors are identified by the Referer field (user-defined request source).

    +
+

Enumeration values:

+

  • ip

    +

  • cookie

    +

  • header

    +

  • other

    +
+

tag_index

+

No

+

String

+

User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).

+

  • cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.

    +

  • header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.

    +
+

tag_condition

+

No

+

tag_condition object

+

User tag. This parameter is mandatory when the rate limit mode is set to other. -other: A website visitor is identified by the Referer field (user-defined request source).

+

limit_num

+

Yes

+

Integer

+

Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647.

+

limit_period

+

Yes

+

Integer

+

Rate limit period, in seconds. The value ranges from 1 to 3,600.

+

unlock_num

+

No

+

Integer

+

Allowable frequency based on the number of requests. The value ranges from 0 to 2,147,483,647. This parameter is required only when the protection action type is dynamic_block.

+

lock_time

+

No

+

Integer

+

Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.

+

description

No

Rule description

limit_num

-

No

-

Integer

-

Frequency limits

-

Minimum: 0

-

Maximum: 10000

-

limit_period

-

No

-

Integer

-

Frequency limit unit

-

Minimum: 0

-

Maximum: 10000

-

url

-

No

-

String

-

url

-

Minimum: 0

-

Maximum: 10000

-

mode

-

No

-

Integer

-

Work mode. The value can be 0 (standard) or 1 (advanced). The parameters of the advanced mode cannot be described in the same document of the same API. For details, see this parameter on the console page.

-

Enumeration values:

-

  • 0

    -

  • 1

    -
-

action

-

No

-

action object

-

Action to take if the number of requests reaches the upper limit.

-

tag_type

-

No

-

String

-

Protection mode.

-

  • ip: IP-based rate limiting. Website visitors are identified by IP address.

    -

  • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

    -

  • other: Website visitors are identified by the Referer field (user-defined request source).

    -
-

Enumeration values:

-

  • ip

    -

  • other

    -

  • cookie

    -
-
-
Table 4 action

Parameter

+
@@ -179,34 +226,89 @@ - - - + + + + + + + + + + - + + + + +
Table 4 CcCondition

Parameter

Mandatory

category

No

+

Yes

String

Action type:

-

  • block: WAF blocks discovered attacks.

    -

  • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

    -

  • If tag_type is set to other, the value can only be block.

    +

Field type. The value can be url, ip, params, cookie, or header.

+

Enumeration values:

+

  • url

    +

  • ip

    +

  • params

    +

  • cookie

    +

  • header

detail

+

logic_operation

+

Yes

+

String

+

Logic for matching the condition.

+

  • If the category is url, the optional operations are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal and len_not_equal

    +

  • If the category is ip, the optional operations are: equal, not_equal, , equal_any and not_equal_all

    +

  • If the category is params, cookie and header, the optional operations are: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal, len_not_equal, num_greater, num_less, num_equal, num_not_equal, exist and not_exist

    +
+

Enumeration values:

+

  • contain

    +

  • not_contain

    +

  • equal

    +

  • not_equal

    +

  • prefix

    +

  • not_prefix

    +

  • suffix

    +

  • not_suffix

    +

  • contain_any

    +

  • not_contain_all

    +

  • equal_any

    +

  • not_equal_all

    +

  • prefix_any

    +

  • not_prefix_all

    +

  • suffix_any

    +

  • not_suffix_all

    +

  • num_greater

    +

  • num_less

    +

  • num_equal

    +

  • num_not_equal

    +

  • exist

    +

  • not_exist

    +
+

contents

+

No

+

Array of strings

+

Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all.

+

value_list_id

No

String

Action details. If detail is null, the default block page is displayed by default.

-

  • This parameter cannot be included when category is set to captcha.

    -

  • This parameter is required when category is set to block.

    -
+

Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type.

+

index

+

No

+

String

+

Subfield. When category is set to params, cookie, or header, set this parameter based on site requirements. This parameter is mandatory.
-
Table 5 detail

Parameter

+
@@ -216,20 +318,43 @@ - + + + + + - -
Table 5 action

Parameter

Mandatory

response

+

category

+

Yes

+

String

+

Action type:

+

  • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

    +

  • block: WAF blocks the requests. When tag_type is set to other, the value can only be block.

    +

  • log: WAF logs the event only.

    +

  • dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.

    +
+

Enumeration values:

+

  • captcha

    +

  • block

    +

  • log

    +

  • dynamic_block

    +
+

detail

No

response object

+

detail object

Returned page.

+

Block page information. When protection action category is set to block or dynamic_block, you need to set the returned block page.

+

  • If you want to use the default block page, this parameter can be excluded.

    +

  • If you want to use a custom block page, set this parameter.

    +
-
Table 6 response

Parameter

+
@@ -239,22 +364,82 @@ - - - - +
Table 6 detail

Parameter

Mandatory

content_type

+

response

No

String

+

response object

Content type. The value can only be application/json, text/html, or text/xml.

+

Returned page.

content

+
+
+ +
+ + + + + + - - - + + + + + + + +
Table 7 response

Parameter

+

Mandatory

+

Type

+

Description

+

content_type

No

+

No

String

+

String

Protection page content.

+

Content type. The value can only be application/json, text/html, or text/xml.

+

Enumeration values:

+

  • application/json

    +

  • text/html

    +

  • text/xml

    +
+

content

+

No

+

String

+

Protection page content.

+
+
+ +
+ + + + + + + + + + + + + + @@ -263,7 +448,7 @@

Response Parameters

Status code: 200

-
Table 8 tag_condition

Parameter

+

Mandatory

+

Type

+

Description

+

category

+

No

+

String

+

User identifier. The value is fixed at referer.

+

contents

+

No

+

Array of strings

+

Content of the user identifier field.
Table 7 Response body parameters

Parameter

+
@@ -308,7 +493,7 @@ @@ -322,36 +507,80 @@ - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + - - - - - - + + + + + + + +
Table 9 Response body parameters

Parameter

Type

Mode.

  • 0: Standard.

    -

  • 1: Advanced

    +

  • 1: Advanced.

limit_num

+

conditions

String

+

Array of CcCondition objects

Number of requests allowed from a web visitor in a rate limiting period

+

Rate limit conditions of the CC protection rule. This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1).

limit_period

+

action

String

+

action object

Rate limiting period

-

lock_time

-

String

-

How long a web visitor will be locked The value range is [0 to 2^32), in seconds.

+

Protection action to take if the number of requests reaches the upper limit.

tag_type

String

Protection mode.

+

Rate limit mode.

  • ip: IP-based rate limiting. Website visitors are identified by IP address.

  • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

    -

  • other: A website visitor is identified by the Referer field (user-defined request source).

    +

  • other: Website visitors are identified by the Referer field (user-defined request source).

+

Enumeration values:

+

  • ip

    +

  • other

    +

  • cookie

    +

  • header

    +
+

tag_index

+

String

+

User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).

+

  • cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.

    +

  • header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.

    +
+

tag_condition

+

tag_condition object

+

User tag. This parameter is mandatory when the rate limit mode is set to other. -other: A website visitor is identified by the Referer field (user-defined request source).

+

limit_num

+

Integer

+

Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647.

+

limit_period

+

Integer

+

Rate limit period, in seconds. The value ranges from 1 to 3,600.

+

unlock_num

+

Integer

+

Allowable frequency based on the number of requests. The value ranges from 0 to 2,147,483,647. This parameter is required only when the protection action type is dynamic_block.

+

lock_time

+

Integer

+

Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.

description

@@ -361,18 +590,32 @@

Rule description

action

+

total_num

action object

+

Integer

Action to take if the number of requests reaches the upper limit.

+

This parameter is reserved and can be ignored currently.

conditions

+

unaggregation

Array of conditions objects

+

Boolean

Condition list. This parameter is returned when mode is set to 1.

+

This parameter is reserved and can be ignored currently.

+

aging_time

+

Integer

+

Rule aging time. This parameter is reserved and can be ignored currently.

+

producer

+

Integer

+

Rule creation object. This parameter is reserved and can be ignored currently.

timestamp

@@ -386,7 +629,7 @@
-
Table 8 action

Parameter

+
@@ -398,28 +641,77 @@ - - - + + + + + + + + + + + +
Table 10 CcCondition

Parameter

Type

String

Action type:

-

  • block: WAF blocks discovered attacks.

    -

  • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

    -

  • If tag_type is set to other, the value can only be block.

    +

Field type. The value can be url, ip, params, cookie, or header.

+

Enumeration values:

+

  • url

    +

  • ip

    +

  • params

    +

  • cookie

    +

  • header

detail

+

logic_operation

String

Action details. If detail is null, the default block page is displayed by default.

-

  • This parameter cannot be included when category is set to captcha.

    -

  • This parameter is required when category is set to block.

    +

Logic for matching the condition.

+

  • If the category is url, the optional operations are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal and len_not_equal

    +

  • If the category is ip, the optional operations are: equal, not_equal, , equal_any and not_equal_all

    +

  • If the category is params, cookie and header, the optional operations are: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal, len_not_equal, num_greater, num_less, num_equal, num_not_equal, exist and not_exist

+

Enumeration values:

+

  • contain

    +

  • not_contain

    +

  • equal

    +

  • not_equal

    +

  • prefix

    +

  • not_prefix

    +

  • suffix

    +

  • not_suffix

    +

  • contain_any

    +

  • not_contain_all

    +

  • equal_any

    +

  • not_equal_all

    +

  • prefix_any

    +

  • not_prefix_all

    +

  • suffix_any

    +

  • not_suffix_all

    +

  • num_greater

    +

  • num_less

    +

  • num_equal

    +

  • num_not_equal

    +

  • exist

    +

  • not_exist

    +
+

contents

+

Array of strings

+

Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all.

+

value_list_id

+

String

+

Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type.

+

index

+

String

+

Subfield. When category is set to params, cookie, or header, set this parameter based on site requirements. This parameter is mandatory.
-
Table 9 detail

Parameter

+
@@ -427,18 +719,39 @@ - - - + + + +
Table 11 action

Parameter

Type

response

+

category

response object

+

String

Returned page

+

Action type:

+

  • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

    +

  • block: WAF blocks the requests. When tag_type is set to other, the value can only be block.

    +

  • log: WAF logs the event only.

    +

  • dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.

    +
+

Enumeration values:

+

  • captcha

    +

  • block

    +

  • log

    +

  • dynamic_block

    +
+

detail

+

detail object

+

Block page information. When protection action category is set to block or dynamic_block, you need to set the returned block page.

+

  • If you want to use the default block page, this parameter can be excluded.

    +

  • If you want to use a custom block page, set this parameter.

    +
-
Table 10 response

Parameter

+
@@ -446,25 +759,18 @@ - - - - - - -
Table 12 detail

Parameter

Type

content_type

+

response

String

+

response object

Content type. The value can only be application/json, text/html, or text/xml.

-

content

-

String

-

Contents

+

Block Page
-
Table 11 conditions

Parameter

+
@@ -472,39 +778,49 @@ - - - - - - - - - +
Table 13 response

Parameter

Type

category

+

content_type

String

Field type. The options are as follows: ip, cookie, and url

-

index

-

String

-

Parameter description:

-

  • When the field type is ip or url, the index parameter is not required.

    -

  • When the field type is cookie and the subfield is customized, the value of index is the customized subfield.

    +

Content type. The value can only be application/json, text/html, or text/xml.

+

Enumeration values:

+

  • application/json

    +

  • text/html

    +

  • text/xml

logic_operation

+

content

String

Condition matching logic. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, equal_any, and not_equal_any, contain_any, and not_contain_any.

-

  • When the field type is url, the following matching logics are supported: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix.

    -

  • When the field type is ip, the following matching logics are supported: equal, not_equal, equal_any, and not_equal_any.

    -

  • When category is set to cookie, the following matching logics are supported: contain, not_contain, equal, not_equal. prefix, not_prefix, suffix, not_suffix, contain_any, and not_contain_any.

    -
+

Block page information.

contents

+
+
+ +
+ + + + + - - + + + + @@ -512,26 +828,26 @@

Status code: 400

-
Table 14 tag_condition

Parameter

+

Type

+

Description

+

category

Array of strings

+

String

Content of the conditions.

+

User identifier. The value is fixed at referer.

+

contents

+

Array of strings

+

Content of the user identifier field.
Table 12 Response body parameters

Parameter

+
- - - - - - - - @@ -539,26 +855,26 @@

Status code: 401

-
Table 15 Response body parameters

Parameter

Type

+

Type

Description

+

Description

error_code

+

error_code

String

+

String

Error code

+

Error code

error_msg

+

error_msg

String

+

String

Error message

+

Error message
- + + + + @@ -482,45 +613,41 @@

Example Requests

POST https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom?enterprise_project_id=0
 
 {
-    "description": "",
-    "action": {
-        "category": "block"
-    },
-    "priority": 50,
-    "conditions": [
-        {
-            "category": "header",
-            "logic_operation": "contain",
-            "index": "demo"
-            "content" ["demo"]
-        }
-    ],
-    "time": false
+  "action" : {
+    "category" : "block"
+  },
+  "time" : false,
+  "priority" : 50,
+  "description" : "",
+  "conditions" : [ {
+    "category" : "url",
+    "logic_operation" : "contain",
+    "index" : null,
+    "contents" : [ "test" ]
+  } ]
 }

Example Responses

Status code: 200

Request succeeded.

{
-  "items" : [ {
-    "action" : {
-      "category" : "block"
-    },
-    "action_mode" : false,
-    "aging_time" : 0,
-    "conditions" : [ {
-      "category" : "header",
-      "index" : "demo",
-      "logic_operation" : "contain",
-      "content" : [ "demo" ]
-    } ],
-    "description" : "",
-    "id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
-    "policyid" : "1f016cde588646aca3fb19f277c44d03",
-    "priority" : 50,
-    "status" : 1,
-    "time" : false,
-    "timestamp" : 1656495488880
-  } ]
+  "id" : "88e8bf4158324b2d9a233e7ffb95516d",
+  "policyid" : "dde63c25e8394b21b16a2a49a99e659b",
+  "timestamp" : 1678799936830,
+  "description" : "",
+  "status" : 1,
+  "time" : false,
+  "priority" : 50,
+  "action_mode" : false,
+  "conditions" : [ {
+    "category" : "url",
+    "contents" : [ "test" ],
+    "logic_operation" : "contain"
+  } ],
+  "action" : {
+    "category" : "block"
+  },
+  "producer" : 1,
+  "aging_time" : 0
 }

Status Codes

diff --git a/docs/wafd/api-ref/CreateGeoipRule.html b/docs/wafd/api-ref/CreateGeoipRule.html index 8cff34d2..44911220 100644 --- a/docs/wafd/api-ref/CreateGeoipRule.html +++ b/docs/wafd/api-ref/CreateGeoipRule.html @@ -3,7 +3,7 @@

Creating a Geolocation Access Control Rule

Function

This API is used to create a geolocation access control rule.

-

URI

POST /v1/{project_id}/waf/policy/{policy_id}/geoip

+

URI

POST /v1/{project_id}/waf/policy/{policy_id}/geoip

Table 13 Response body parameters

Parameter

+
- - - - - - - - @@ -566,26 +882,26 @@

Status code: 500

-
Table 16 Response body parameters

Parameter

Type

+

Type

Description

+

Description

error_code

+

error_code

String

+

String

Error code

+

Error code

error_msg

+

error_msg

String

+

String

Error message

+

Error message
@@ -362,7 +445,35 @@ - + + + +
Table 14 Response body parameters

Parameter

+
- - - - - - - - @@ -609,7 +925,6 @@

Example Responses

Status code: 200

Request succeeded.

{
-  "aging_time" : 0,
   "description" : "",
   "id" : "a5f3fd28db564696b199228f0ac346b2",
   "limit_num" : 10,
@@ -622,7 +937,9 @@
   "tag_type" : "ip",
   "timestamp" : 1656494435686,
   "total_num" : 0,
+  "aging_time" : 0,
   "unaggregation" : false,
+  "producer" : 1,
   "url" : "/path"
 }
diff --git a/docs/wafd/api-ref/CreateCertificate.html b/docs/wafd/api-ref/CreateCertificate.html index 2916395b..902f135b 100644 --- a/docs/wafd/api-ref/CreateCertificate.html +++ b/docs/wafd/api-ref/CreateCertificate.html @@ -3,7 +3,7 @@

Creating a Certificate

Function

This API is used to create a certificate.

-

URI

POST /v1/{project_id}/waf/certificate

+

URI

POST /v1/{project_id}/waf/certificate

Table 17 Response body parameters

Parameter

Type

+

Type

Description

+

Description

error_code

+

error_code

String

+

String

Error code

+

Error code

error_msg

+

error_msg

String

+

String

Error message

+

Error message
@@ -230,8 +230,8 @@ { "name" : "demo", - "content" : "-----BEGIN CERTIFICATE----- MIIDyzCCArOgAwIBAgIJAN5U0Z4Bh5ccMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNV BAYTAlpIMRIwEAYDVQQIDAlHVUFOR0RPTkcxETAPBgNVBAcMCERPTkdHVUFOMQ0w CwYDVQQKDARERUtFMQswCQYDVQQLDAJESzELMAkGA1UEAwwCT0QxHTAbBgkqhkiG 9w0BCQEWDk8IZC5odWF3ZWkuY29tMB4XDTIxMTExNTA4MTk0MVoXDTIyMTExNTA4 MTk0MVowfDELMAkGA1UEBhMCWkgxEjAQBgNVBAgMCUdVQU5HRE9ORzERMA8GA1UE BwwIRE9OR0dVQU4xDTALBgNVBAoMBERFS0UxCzAJBgNVBAsMAkRLMQswCQYDVQQD DAJPRDEdMBsGCSqGSIb3DQEJARYOTwhkLmh1YXdlaS5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDcoLFK62//r0RHFyweYBj97S4NsJ8Qj0RG+Y02 OgwhQmRiNNjubJwP8Nqqyd86zr+fsSQxKBaBCosn1PcN2Pj2vPJD6NEk4I6VdOWr /kFYMlOcimhSfW4wt6VakniOKIYGrCxxvQe1X2OyBxT+ocTLRgEIB8ZbvJyPNseg feLEUuPYRpQ5kXLgJH2/3NwZFOgBHVv/b07l4fR+sWJMnIA2yIjSBQ0DEAOSusXo FQ/WRbBRH7DrQmxGiXsq4VELEr9Nnc/Kywq+9pYi8L+mKeRL+lcMMbXC/3k6OfMB tVTiwcmS1Mkr3iG03i8u6H7RSvRwyBz9G9sE+tmJZTPH6lYtAgMBAAGjUDBOMB0G A1UdDgQWBBQprUUFXW+gIkpzXdrYlsWjfSahWjAfBgNVHSMEGDAWgBQprUUFXW+g IkpzXdrYlsWjfSahWjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA2 603KozsQoIKeLvqDJlcAXwWRfNW8SvlaSJAulhHgneMt9bQgIL+3PJWA/iMniOhU o/kVwkiUIcxw4t7RwP0hVms0OZw59MuqKd3oCSWkYO4vEHs3t40JDWnGDnmQ4sol RkOWJwL4w8tnPe3qY9JSupjlsu6Y1hlvKtEfN2vEKFnsuMhidkUpUAJWodHhWBQH wgIDo4/6yTnWZNGK8JDal86Dm5IchXea1EoYBJsHxiJb7HeWQlkre+MCYi1RHOin 4mIXTr0oT4/jWlgklSz6/ZhGRq+7W7tIl7cvzCe+4XsVZIenAcYoNd/WLfo91PD4 yAsRXrOjW1so1Bj0BkDz -----END CERTIFICATE-----", - "key" : "-----BEGIN PRIVATE KEY----- MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDcoLFK62//r0RH FyweYBj97S4NsJ8Qj0RG+Y02OgwhQmRiNNjubJwP8Nqqyd86zr+fsSQxKBaBCosn 1PcN2Pj2vPJD6NEk4I6VdOWr/kFYMlOcimhSfW4wt6VakniOKIYGrCxxvQe1X2Oy BxT+ocTLRgEIB8ZbvJyPNsegfeLEUuPYRpQ5kXLgJH2/3NwZFOgBHVv/b07l4fR+ sWJMnIA2yIjSBQ0DEAOSusXoFQ/WRbBRH7DrQmxGiXsq4VELEr9Nnc/Kywq+9pYi 8L+mKeRL+lcMMbXC/3k6OfMBtVTiwcmS1Mkr3iG03i8u6H7RSvRwyBz9G9sE+tmJ ZTPH6lYtAgMBAAECggEBAL+xZxm/QoqXT+2stoqV2GEYaMFASpRqxlocjZMmEE/9 jZa+cBWIjHhVPsjRqYFBDcHEebu0JwlrjcjIAvgnIvnO5XgXm1A9Q+WbscokmcX1 xCvpHgc+MDVn+uWdCd4KW5kEk4EnSsFN5iNSf+1VxNURN+gwSSp/0E+muwA5IISO G6HQ+p6qs52JAitX5t/7ruKoHYXJxBnf7TUs7768qrh++KPKpPlq044qoYlcGO1n 4urPBHuNLy04GgGw+vkaqjqOvZrNLVOMMaFWBxsDWBehgSSBQTj+f3NCxneGYtt8 3SCTZQI5nIkb+r/M455EwKTSXuEsNHoIwx7L6GEPbQECgYEA8IxgK2fYykloICoh TFJaRAvyjyKa2+Aza4qT9SGY9Y30VPClPjBB1vUu5M9KrFufzlv06nGEcHmpEwOe 8vbRu7nLAQTGYFi8VK63q8w6FlFdAyCG6Sx+BWCfWxJzXsZLAJTfklwi8HsOSlqh 6QNv0xbE2fLjXKf8MHvtrufip40CgYEA6sy87eDrkVgtq4ythAik3i1C5Z3v0fvx mTblG52Z21OyocNq3Tf/b1ZwoIc1ik6cyBzY6z1bIrbSzArCqm0sb2iD+kJL81O0 /qqdXjBxZUkKiVAMNNp7xJGZHHFKWUxT2+UX/tlyx4tT4dzrFIkdDXkcMmqfsRxd 1NEVaAaT8SECgYAoU7BPtpIun43YTpfUfr3pSIN6oZeKoxSbw9i4MNC+4fSDRPC+ 80ImcmZRL7taF+Y7p0jxAOTuIkdJC8NbAiv5J9WzrwQ+5MF2BPB/2bYnRa6tNofH kZDy/9bXYsl6qw2p5Ety8wVcgZTMvFMGiG/32IpZ65FYWEU8L5qSRwfFhQKBgQC9 ihjZTj/bTHtRiHZppzCvyYm/Igd+Uwtsy0uXR1n0G1SQENgrTBD/J6AzdfJae6tE P0U8YIM5Oqxf2i/as9ay+IPRecMl4eSxz7jJWAGx6Yx/3AZ+hAB1ZbNbqniCLYNk d0MvjwmA25ATO+ro4OZ7AdEpQbk3l9aG/WFyYBz9AQKBgQCucFPA1l5eslL8196V WMr2Qo0tqzl7CGSoWQk2Sa2HZtZdfofXAaaqo+zvJ6RPHtJh0jgJtx536DVV3egI 37YrdQyJbCPZXQ3SPgqWCorUnXBwq/nxS06uwu6JBxUFc57ijmMU4fWYNrvkkmWb 7keAg/r5Uy1joMAvBN1I6lB8pg== -----END PRIVATE KEY-----" + "content" : "-----BEGIN CERTIFICATE-----\nMIICUjCCAbugAwIBAgIJANxRp4YpWj66MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNV BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg Q29tcGFueSBMdGQwHhcNMjMwMzA2MTMwNDI2WhcNMjQwMzA1MTMwNDI2WjBCMQsw CQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZh dWx0IENvbXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4KoXA HK8ZcmOMl+FDDnzBKhD/RcSdjqtie47YZYX9T9XNtfuvmJf78JQC3X18xAJdutyP tvX6RwqITLItD6DsI/x6vkMJDLGOfuMpxjHwm6VOILIVIMUVWsZqTk4NdaFRpBCN VpzQdy/j3WUg0l86dYna0GdkOHuk6l1pgk52RwIDAQABo1AwTjAdBgNVHQ4EFgQU 9/usGS95WL1qUuq5F8XiDXA8Fq4wHwYDVR0jBBgwFoAU9/usGS95WL1qUuq5F8Xi DXA8Fq4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQCXIvTibia/fGlf IaraBMH313Z+xBlkBX5X8y2wYRa+RRVR4OB8zTY2Rm0OXOHMgPPEs5xpYXPBK/CH i+kodHIq+0AxYzMlDs3j+V7FzUrZQbItPYXtgQStZjdOvtM129ecuKWRRtmNNSBZ sj9VBsvsMrI1S2bZo5wJMPuR/TGGOQ==\n-----END CERTIFICATE-----", + "key" : "-----BEGIN PRIVATE KEY-----\nMIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALgqhcAcrxlyY4yX 4UMOfMEqEP9FxJ2Oq2J7jthlhf1P1c21+6+Yl/vwlALdfXzEAl263I+29fpHCohM si0PoOwj/Hq+QwkMsY5+4ynGMfCbpU4gshUgxRVaxmpOTg11oVGkEI1WnNB3L+Pd ZSDSXzp1idrQZ2Q4e6TqXWmCTnZHAgMBAAECgYEAh/YknirO/ktbwQzTqczFP1oO CFd6ixMr5d3wHEP/Qn6xCliCwiU2dzIqI19faD/Qu1/bu2HIgQf3d56fn/K8yrgq tmd7BZvXcZuK/LXOLfpAXAdMl5bgOW+ejJvf9LsA6xYWsxmki6+VYbJ+XVr4w2yH nBiimwp7v4eoBlMqVQECQQDeJw6o15p30MEzj5t3oVLL86rY20HZfqnpS6S10CHx l0W/0ah7S4QnvXi6NhvS0o3mj+VNzeYvoHII9DP28IyBAkEA1DnSyH7D5W4GUmsr NfDOBYuKUaahDtdN/Qx2JF1jEvLluLC7Nr1ETzrKodN/+lOYwfIOWx5tkXPpLFMu rko+xwJAWV7DEf+yn7L2loSWWbknsu7y80y5oALJ3hXVTGNP1H4zzChPLFLD9qzN rbPo25ZjCbcn23YSvWRBnAKKCTTagQJBAKWvgxVOimfrLvpXesPA/Ucs+s7mNSVe CCAAA5g+ZGPdyGUZbP++Yb8tWhdfBLINY9w+uuB+b/I3uRoG0xH1Gu8CQQCpEIYC DUNO98ylm4QOAkyC0nv6x33gQqcu6ExtK7ptbdFZT1QdOAwm5SBaE50rWjyTO4gL Cpsd6f0baeGAxNAw\n-----END PRIVATE KEY-----" }

Example Responses

Status code: 200

diff --git a/docs/wafd/api-ref/CreateCustomRules.html b/docs/wafd/api-ref/CreateCustomRules.html index 23996aa9..989775ba 100644 --- a/docs/wafd/api-ref/CreateCustomRules.html +++ b/docs/wafd/api-ref/CreateCustomRules.html @@ -3,7 +3,7 @@

Creating a Precise Protection Rule

Function

This API is used to create a precise protection rule.

-

URI

POST /v1/{project_id}/waf/policy/{policy_id}/custom

+

URI

POST /v1/{project_id}/waf/policy/{policy_id}/custom

Table 1 Path Parameters

Parameter
@@ -30,7 +30,7 @@ - @@ -83,7 +83,7 @@ - @@ -131,7 +131,7 @@ - @@ -140,7 +140,7 @@ - @@ -168,6 +168,18 @@ @@ -188,7 +200,37 @@ - - - @@ -225,14 +267,29 @@ + + + + + - @@ -294,13 +351,6 @@ - - - - + + + + + + + + + + + +
Table 1 Path Parameters

Parameter

String

Policy ID. It can be obtained by calling the API Querying Protection Policies.

+

Policy ID. It can be obtained by calling the ListPolicy API.

time

No

+

Yes

Boolean

action

No

+

Yes

CustomAction object

priority

No

+

Yes

Integer

String

Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request.

+

Enumeration values:

+

  • url

    +

  • user-agent

    +

  • referer

    +

  • ip

    +

  • method

    +

  • request_line

    +

  • request

    +

  • params

    +

  • cookie

    +

  • header

    +

index

@@ -178,7 +190,7 @@

Subfield

  • When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.

    -

  • If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

    +

  • When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

String

Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.

+

Logic for matching the condition.

+

  • If the category is url, user-agent or referer , the optional operations are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal and len_not_equal

    +

  • If the category is ip, the optional operations are: equal, not_equal, , equal_any and not_equal_all

    +

  • If the category is method, the optional operations are: equal and not_equal

    +

  • If the category is request_line and request, the optional operations are: len_greater, len_less, len_equal and len_not_equal

    +

  • If the category is params, header, and cookie, the optional operations are: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal, len_not_equal, num_greater, num_less, num_equal, num_not_equal, exist and not_exist

    +
+

Enumeration values:

+

  • contain

    +

  • not_contain

    +

  • equal

    +

  • not_equal

    +

  • prefix

    +

  • not_prefix

    +

  • suffix

    +

  • not_suffix

    +

  • contain_any

    +

  • not_contain_all

    +

  • equal_any

    +

  • not_equal_all

    +

  • prefix_any

    +

  • not_prefix_all

    +

  • suffix_any

    +

  • not_suffix_all

    +

  • num_greater

    +

  • num_less

    +

  • num_equal

    +

  • num_not_equal

    +

  • exist

    +

  • not_exist

    +

contents

@@ -197,7 +239,7 @@

Array of strings

Condition content for matching the rule

+

Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all.

value_list_id

@@ -206,7 +248,7 @@

String

ID of the reference table

+

Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type.

category

Yes

+

String

+

Operation type

+

  • block: WAF blocks attacks.

    +

  • pass: WAF allows requests.

    +

  • log: WAF only logs detected attacks.

    +
+

Enumeration values:

+

  • block

    +

  • pass

    +

  • log

    +
+

followed_action_id

+

No

String

Action type.

-

  • block: WAF blocks attacks.

    -

  • pass: WAF allows requests.

    -
+

ID of a known attack source rule. This parameter can be configured only when category is set to block.

Protective action of the precise protection rule.

action_mode

-

Boolean

-

This parameter is reserved and can be ignored.

-

priority

Integer

@@ -329,6 +379,27 @@

Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.

action_mode

+

Boolean

+

This parameter is reserved and can be ignored currently.

+

aging_time

+

Integer

+

Rule aging time. This parameter is reserved and can be ignored currently.

+

producer

+

Integer

+

Rule creation object. This parameter is reserved and can be ignored currently.

+
@@ -346,6 +417,18 @@

String

Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request.

+

Enumeration values:

+

  • url

    +

  • user-agent

    +

  • ip

    +

  • params

    +

  • cookie

    +

  • referer

    +

  • header

    +

  • request_line

    +

  • method

    +

  • request

    +

index

@@ -354,7 +437,7 @@

Subfield

  • When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.

    -

  • If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

    +

  • When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

String

Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.

+

Logic for matching the condition.

+

Enumeration values:

+

  • contain

    +

  • not_contain

    +

  • equal

    +

  • not_equal

    +

  • prefix

    +

  • not_prefix

    +

  • suffix

    +

  • not_suffix

    +

  • contain_any

    +

  • not_contain_all

    +

  • equal_any

    +

  • not_equal_all

    +

  • prefix_any

    +

  • not_prefix_all

    +

  • suffix_any

    +

  • not_suffix_all

    +

  • len_greater

    +

  • len_less

    +

  • len_equal

    +

  • len_not_equal

    +

  • num_greater

    +

  • num_less

    +

  • num_equal

    +

  • num_not_equal

    +

  • exist

    +

  • not_exist

    +

contents

@@ -372,6 +483,13 @@

Content of the conditions.

value_list_id

+

String

+

Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is available only when a reference table is used when a protection rule is created.

+
@@ -388,10 +506,23 @@

String

Action type.

-

  • block: WAF blocks attacks.

    -

  • pass: WAF allows requests.

    +

Operation type

+

  • block: WAF blocks attacks.

    +

  • pass: WAF allows requests.

    +

  • log: WAF only logs detected attacks.

+

Enumeration values:

+

  • block

    +

  • pass

    +

  • log

    +
+

followed_action_id

+

String

+

ID of a known attack source rule. This parameter can be configured only when category is set to block.
@@ -30,7 +30,7 @@ - @@ -109,6 +109,7 @@

  • South Africa: South Africa

  • Mexico: Mexico

  • Peru: Peru

    +

  • For more geographical location codes, see "Appendix - Geographic Location Codes."

    • @@ -125,6 +126,15 @@ + + + + + + + + + + + + + @@ -327,9 +352,9 @@ "timestamp" : 1650534513775, "description" : "demo", "status" : 1, + "geoTagList" : [ "BR" ], "geoip" : "BR", - "white" : 0, - "geoTagList" : [ "SH", "Afghanistan" ] + "white" : 0 }

    Status Codes

    diff --git a/docs/wafd/api-ref/CreateIgnoreRule.html b/docs/wafd/api-ref/CreateIgnoreRule.html index 61e47e85..fc7d9ed4 100644 --- a/docs/wafd/api-ref/CreateIgnoreRule.html +++ b/docs/wafd/api-ref/CreateIgnoreRule.html @@ -1,9 +1,9 @@ -

    Creating a False Alarm Masking Rule

    -

    Function

    This API is used to create a false alarm masking rule.

    +

    Creating a Global Protection Whitelist (Formerly False Alarm Masking) Rule

    +

    Function

    This API is used to create a global protection whitelist (formerly false alarm masking) rule.

    -

    URI

    POST /v1/{project_id}/waf/policy/{policy_id}/ignore

    +

    URI

    POST /v1/{project_id}/waf/policy/{policy_id}/ignore

    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    name

    +

    No

    +

    String

    +

    Rule name. Currently, the console does not support configuring names for geolocation access control rule. Ignore this parameter.

    +

    description

    No

    @@ -162,6 +172,20 @@

    Policy ID

    name

    +

    String

    +

    Rule name. Currently, the console does not support configuring names for geolocation access control rule. Ignore this parameter.

    +

    geoTagList

    +

    Array of strings

    +

    List of geographical locations hit the geolocation access control rule.

    +

    geoip

    String

    @@ -188,6 +212,7 @@

  • South Africa: South Africa

  • Mexico: Mexico

  • Peru: Peru

    +

  • For more geographical location codes, see "Appendix - Geographic Location Codes."

    		•
    @@ -30,7 +30,7 @@ - @@ -81,22 +81,31 @@ - - - - - - - - + + + + + + + + + + - - - - - - - - - - - - - + + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    description

    -

    No

    -

    String

    -

    Provides supplementary information about the assignment.

    -

    url

    +

    domain

    Yes

    String

    +

    Array of strings

    URL protected by the web tamper protection rule. The value must be in the standard URL format, for example, /admin.

    +

    Domain names to be protected. If the array length is 0, this rule will take effect for all domain names that are protected by the policies this rule belongs to.

    +

    conditions

    +

    Yes

    +

    Array of CreateCondition objects

    +

    Condition list

    +

    mode

    +

    Yes

    +

    Integer

    +

    The value is fixed at 1, indicating v2 false alarm masking rules.

    rule

    @@ -105,57 +114,37 @@

    String

    Masked rule. The value can be the ID of a rule that is matched, all rules (all), or enumeration value of the attack type. To mask a built-in rule included in Basic Web Protection, set this parameter to the ID of the rule. To obtain the rule ID, go to the WAF console. Then, choose Policies and click the policy name. On the displayed page, find the Basic Web Protection area and click Advanced Settings. On the displayed page, click Protection Rule and view the rule ID. To disable a certain type of rule, the value can be:

    -

    • xss or sqli: XSS attacks

      -

    • cmdi: Command injectionrobot: Malicious crawlers

      -

    • lfi: Local file inclusion

      -

    • rfi: Remote file inclusionwebshell: Website Trojans

      -

    • cc: CC attacks -custom_custom: Precise protection

      -

    • custom_whiteblackip: IP address blacklist and whitelist

      -

    • custom_geoip: Geolocation access control

      -

    • antitamper: Web tamper protection

      -

    • anticrawler: Anti-crawler protection

      -

    • leakage: Data leakage prevention

      -

    • illegal: Illegal requests

      -

    • vuln: Other attack types

      +

    Items to be masked. You can provide multiple items and separate them with semicolons (;).

    +

    • If you want to disable a specific built-in rule for a domain name, the value of this parameter is the rule ID. When requests are blocked against a certain built-in rule while you do not want this rule to block requests later, you can query the rule in the Events page on the console and find its rule ID in the Hit Rule column. Then, you can disk the rule by its ID (including 6 digits).

      +

    • If you want to mask a type of basic web protection rules, set this parameter to the name of the type of basic web protection rules. xss: XSS attacks webshell: Web shells vuln: Other types of attacks sqli: SQL injection attack robot: Malicious crawlers rfi: Remote file inclusion lfi: Local file inclusion cmdi: Command injection attack

      +

    • To bypass the basic web protection, set this parameter to all.

      +

    • To bypass all WAF protection, set this parameter to bypass.

    url_logic

    -

    Yes

    -

    String

    -

    URL match logic:

    -

    • equal: full match

      -

    • prefix: prefix match

      -
    -

    domains

    -

    No

    -

    Array of strings

    -

    Protected domain name

    -

    advanced

    No

    advanced object

    +

    Array of Advanced objects

    advanced

    +

    To ignore attacks of a specific field, specify the field in the Advanced settings area. After you add the rule, WAF will stop blocking attacks of the specified field. This parameter is not included if all modules are bypassed.

    +

    description

    +

    No

    +

    String

    +

    Description of the rule
    -
    Table 4 advanced

    Parameter

    +
    @@ -165,28 +154,82 @@ - - - + + + + + - + + + + + + + +
    Table 4 CreateCondition

    Parameter

    Mandatory

    index

    +

    category

    No

    String

    To ignore attacks of a specified field, specify the field in the Advanced Settings area. After you complete the configuration, WAF will stop intercepting attack events of the specified field. The following fields are supported:

    -

    • cookie: session cookie

      -

    • header: header field

      -

    • body: body field

      -

    • multipart: multipart/form-data type data

      -

    • params: parameter

      +

    Field type. The value can be url, ip, params, cookie, or header.

    +

    Enumeration values:

    +

    • url

      +

    • ip

      +

    • params

      +

    • cookie

      +

    • header

    content

    +

    contents

    +

    No

    +

    Array of strings

    +

    Content. The array length is limited to 1. The content format varies depending on the field type. For example, if the field type is ip, the value must be an IP address or IP address range. If the field type is url, the value must be in the standard URL format. IF the field type is params, cookie, or header, the content format is not limited.

    +

    logic_operation

    No

    String

    Specified field (available only for param, cookie, and header)

    +

    The matching logic varies depending on the field type. For example, if the field type is ip, the logic can be equal or not_equal. If the field type is url, params, cookie, or header, the logic can be equal, not_equal, contain, not_contain, prefix, not_prefix, suffix, not_suffix.

    +

    index

    +

    No

    +

    String

    +

    If the field type is ip and the subfield is the client IP address, the index parameter is not required. If the subfield type is X-Forwarded-For, the value is x-forwarded-for; If the field type is params, header, or cookie, and the subfield is user-defined, the value of index is the user-defined subfield.

    +
    +
    + +
    + + + + + + + + + + + + + + @@ -195,7 +238,7 @@

    Response Parameters

    Status code: 200

    -
    Table 5 Advanced

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    index

    +

    No

    +

    String

    +

    Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.

    +

    • When you select Params, Cookie, or Header, you can set this parameter to all or configure subfields as required.

      +

    • When you select Body or Multipart, set this parameter to all.

      +
    +

    contents

    +

    No

    +

    Array of strings

    +

    Subfield of the specified field type. The default value is all.
    Table 5 Response body parameters

    Parameter

    +
    @@ -207,96 +250,85 @@ - - - - - - - - - - - - - - - - - - + + + +
    Table 6 Response body parameters

    Parameter

    Type

    String

    Rule ID.

    +

    Rule ID

    policyid

    String

    Policy ID.

    +

    Policy ID

    timestamp

    Long

    Rule creation time.

    +

    Timestamp the rule was created.

    description

    String

    Provides supplementary information about the assignment.

    +

    Rule Description

    status

    Integer

    Rule status. The value can be:

    -

    • 0: The rule is disabled.

      -

    • 1: The rule is enabled.

      +

    Rule status. The value can be 0 or 1.

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

    url

    -

    String

    -

    URL protected by the web tamper protection rule. The value must be in the standard URL format, for example, /admin.

    -

    rule

    String

    Masked rule. The value can be the ID of a rule that is matched, all rules (all), or enumeration value of the attack type. To mask a built-in rule included in Basic Web Protection, set this parameter to the ID of the rule. To obtain the rule ID, go to the WAF console. Then, choose Policies and click the policy name. On the displayed page, find the Basic Web Protection area and click Advanced Settings. On the displayed page, click Protection Rule and view the rule ID. To disable a certain type of rule, the value can be:

    -

    • xss or sqli: XSS attacks

      -

    • cmdi: Command injectionrobot: Malicious crawlers

      -

    • lfi: Local file inclusion

      -

    • rfi: Remote file inclusionwebshell: Website Trojans

      -

    • cc: CC attacks -custom_custom: Precise protection

      -

    • custom_whiteblackip: IP address blacklist and whitelist

      -

    • custom_geoip: Geolocation access control

      -

    • antitamper: Web tamper protection

      -

    • anticrawler: Anti-crawler protection

      -

    • leakage: Data leakage prevention

      -

    • illegal: Illegal requests

      -

    • vuln: Other attack types

      +

    Items to be masked. You can provide multiple items and separate them with semicolons (;).

    +

    • If you want to disable a specific built-in rule for a domain name, the value of this parameter is the rule ID. When requests are blocked against a certain built-in rule while you do not want this rule to block requests later, you can query the rule in the Events page on the console and find its rule ID in the Hit Rule column. Then, you can disk the rule by its ID (including 6 digits).

      +

    • If you want to mask a type of basic web protection rules, set this parameter to the name of the type of basic web protection rules. xss: XSS attacks webshell: Web shells vuln: Other types of attacks sqli: SQL injection attack robot: Malicious crawlers rfi: Remote file inclusion lfi: Local file inclusion cmdi: Command injection attack

      +

    • To bypass the basic web protection, set this parameter to all.

      +

    • To bypass all WAF protection, set this parameter to bypass.

    url_logic

    +

    mode

    String

    +

    Integer

    URL match logic:

    -

    • equal: full match

      -

    • prefix: prefix match

      -
    +

    The value is fixed at 1, indicating v2 false alarm masking rules are used.

    domains

    +

    conditions

    Array of strings

    +

    Array of Condition objects

    Protected domain name

    +

    Condition list

    advanced

    advanced object

    +

    Array of Advanced objects

    advanced

    +

    Advanced settings

    +

    domain

    +

    Array of strings

    +

    Domain names to be protected. If the array length is 0, this rule will take effect for all domain names that are protected by the policies this rule belongs to.
    -
    Table 6 advanced

    Parameter

    +
    @@ -304,24 +336,68 @@ - - + + + + + + + + + + + + + + + + + + +
    Table 7 Condition

    Parameter

    Type

    index

    +

    category

    String

    To ignore attacks of a specified field, specify the field in the Advanced Settings area. After you complete the configuration, WAF will stop intercepting attack events of the specified field. The following fields are supported:

    -

    • cookie: session cookie

      -

    • header: header field

      -

    • body: body field

      -

    • multipart: multipart/form-data type data

      -

    • params: parameter

      +

    Field type. The value can be ip, url, params, cookie, or header.

    +

    contents

    +

    Array of strings

    +

    Content. The array length must be 1. The content format varies depending on field types. For example, if the field type is ip, the value must be an IP address or IP address range. If the field type is url, the value must be a URL in standard format. If the field type is params, cookie, or header, the content format is not limited.

    +

    logic_operation

    +

    String

    +

    The matching logic varies depending on the field type. For example, if the field type is ip, the logic can be equal or not_equal. If the field type is url, params, cookie, or header, the logic can be equal, not_equal, contain, not_contain, prefix, not_prefix, suffix, not_suffix.

    +

    check_all_indexes_logic

    +

    Integer

    +

    This parameter is reserved and can be ignored.

    +

    index

    +

    String

    +

    If the field type is ip and the subfield is the client IP address, the index parameter does not exist. If the subfield type is X-Forwarded-For, the value is x-forwarded-for. If the field type is params, header, or cookie, and the subfield is user-defined, the value of index is the user-defined subfield.

    +
    +
    + +
    + + + + + + + - - - @@ -329,26 +405,26 @@

    Status code: 400

    -
    Table 8 Advanced

    Parameter

    +

    Type

    +

    Description

    +

    index

    +

    String

    +

    Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.

    +

    • When you select Params, Cookie, or Header, you can set this parameter to all or configure subfields as required.

      +

    • When you select Body or Multipart, set this parameter to all.

    content

    +

    contents

    String

    +

    Array of strings

    Specified field (available only for param, cookie, and header)

    +

    Subfield of the specified field type. The default value is all.
    Table 7 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -356,26 +432,26 @@

    Status code: 401

    -
    Table 9 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 8 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -383,26 +459,26 @@

    Status code: 500

    -
    Table 10 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    - - - - - @@ -294,7 +298,7 @@ - + + + + - + + + + - - - @@ -437,9 +465,31 @@
    Table 9 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -412,25 +488,34 @@

    Example Requests

    POST https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/ignore?
 
 {
-  "domain" : [ "test3.th.com" ],
-  "rule" : "webshell",
-  "url_logic" : "equal",
-  "url" : "/demo",
-  "description" : ""
+  "domain" : [ "www.example.com" ],
+  "mode" : 1,
+  "description" : "",
+  "conditions" : [ {
+    "category" : "ip",
+    "logic_operation" : "equal",
+    "index" : null,
+    "contents" : [ "x.x.x.x" ]
+  } ],
+  "rule" : "091004"
 }

    Example Responses

    Status code: 200

    Request succeeded.

    {
-  "id" : "c20f67b3e1c040c0b0d8866e568ee8bf",
-  "policyid" : "a75e96d8284c4c4f98ada7d391e8342c",
-  "timestamp" : 1656507126528,
-  "description" : "",
+  "id" : "40484384970948d79fffe4e4ae1fc54d",
+  "policyid" : "f385eceedf7c4c34a4d1def19eafbe85",
+  "timestamp" : 1650512535222,
+  "description" : "demo",
   "status" : 1,
-  "rule" : "webshell",
-  "url_logic" : "equal",
-  "url" : "/demo",
-  "domain" : [ "test3.th.com" ]
+  "rule" : "091004",
+  "mode" : 1,
+  "conditions" : [ {
+    "category" : "ip",
+    "contents" : [ "x.x.x.x" ],
+    "logic_operation" : "equal"
+  } ],
+  "domain" : [ "www.example.com" ]
 }

    Status Codes

    diff --git a/docs/wafd/api-ref/CreateInstance.html b/docs/wafd/api-ref/CreateInstance.html index 16a1f25e..4e697a07 100644 --- a/docs/wafd/api-ref/CreateInstance.html +++ b/docs/wafd/api-ref/CreateInstance.html @@ -3,7 +3,7 @@

    Creating a Dedicated WAF Engine

    Function

    This API is used to create a dedicated WAF engine

    -

    URI

    POST /v1/{project_id}/premium-waf/instance

    +

    URI

    POST /v1/{project_id}/premium-waf/instance

    Table 11 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -41,7 +41,7 @@ - @@ -72,16 +72,7 @@ - - - - - - @@ -105,7 +96,7 @@ - - - + + + + +
    Table 1 Path Parameters

    Parameter

    X-Auth-Token

    No

    +

    Yes

    String

    chargemode

    -

    No

    -

    Integer

    -

    Billing mode. Currently, only pay-per-use billing (30) is supported. Make sure your account balance is enough, or the dedicated WAF engine will forward requests directly to the origin server without inspection.

    -

    region

    +

    region

    Yes

    String

    Dedicated engine CPU architecture. Its value can be x86 .

    +

    Dedicated engine CPU architecture. Its value has to be x86.

    instancename

    @@ -123,7 +114,14 @@

    String

    Specifications of the dedicated engine version. The value can be waf.instance.enterprise or waf.instance.professional. An enterprise edition dedicated engine has more functions than a professional edition one. For more details, see the Web Application Firewall (WAF) User Guide.

    +

    Specifications of the dedicated engine version. The value can be waf.instance.enterprise or waf.instance.professional.

    +

    • waf.instance.professional: WI-100. Performance: 100 Mbit/s of throughput and 2,000 QPS.

      +

    • waf.instance.enterprise: WI-100. Performance: 500 Mbit/s of throughput and 10,000 QPS.

      +
    +

    Enumeration values:

    +

    • waf.instance.professional

      +

    • waf.instance.enterprise

      +

    cpu_flavor

    @@ -132,7 +130,7 @@

    String

    ID of the specifications of the ECS hosting the dedicated engine. It can be obtained by calling the ECS ListFlavors API. For the enterprise edition, ECS specifications with 8 vCPUs and 16 GB memory are used. For the professional edition, ECS specifications with 2 vCPUs and 4 GB memory are used.

    +

    ID of the specifications of the ECS hosting the dedicated engine. You can go to the management console and confirm supported specifications.

    vpc_id

    @@ -171,6 +169,20 @@

    Number of dedicated engines to be provisioned

    res_tenant

    +

    Yes

    +

    Boolean

    +

    Whether to create a dedicated engine instance of the network interface type. Its value has to be true.

    +

    • Network Interface: Your WAF instance will be connected to your network via a VPC. (If ELB is used, only dedicated load balancers can be used.)

      +
    +

    Enumeration values:

    +

    • true

      +
    +
    @@ -306,7 +318,6 @@

    Example Requests

    POST https://{endpoint}/v1/{project_id}/premium-waf/instance
 
 {
-  "chargemode" : 30,
   "region" : "region-01-4",
   "available_zone" : "region-01-4a",
   "arch" : "x86",
@@ -316,7 +327,8 @@
   "vpc_id" : "d7b6a5ff-6c53-4cd4-9d57-f20ee8753056",
   "subnet_id" : "e59ccd18-7e15-4588-b689-04b856f4e78b",
   "security_group" : [ "09b156a2-f0f0-41fd-9891-60e594601cfd" ],
-  "count" : 1
+  "count" : 1,
+  "res_tenant" : true
 }

    Example Responses

    Status code: 200

    diff --git a/docs/wafd/api-ref/CreatePolicy.html b/docs/wafd/api-ref/CreatePolicy.html index cd06e915..8e6e8c9b 100644 --- a/docs/wafd/api-ref/CreatePolicy.html +++ b/docs/wafd/api-ref/CreatePolicy.html @@ -3,7 +3,7 @@

    Creating a Policy

    Function

    This API is used to create a policy

    -

    URI

    POST /v1/{project_id}/waf/policy

    +

    URI

    POST /v1/{project_id}/waf/policy

    @@ -151,13 +151,34 @@ - + + + + + + + + + + + + - - - -
    Table 1 Path Parameters

    Parameter

    Array of protected domain names for which the policy is used. Each policy can be used to one or more domain names. You can specify a policy for a domain name when you add the domain name to WAF by calling the API Adding a Protected Domain Name.

    host

    +

    hosts

    Array of strings

    Array of IDs of protected domain names. The ID of a protected domain name is unique and generated by WAF when you add the domain name to WAF. To obtain the IDs, call the API Querying Domain Names Protected by Dedicated WAF Engines. To add a domain name to WAF, call the API Adding a Protected Domain Name.

    extend

    +

    PolicyExtend object

    +

    Switch for enabling or disabling Deep Inspection and Header Inspection in Basic Web Protection.

    +

    share_info

    +

    ShareInfo object

    +

    Whether to share a policy. This parameter is reserved and can be ignored currently.

    +

    modulex_options

    +

    ModulexOptions object

    +

    Whether to enable intelligent CC protection. This parameter is reserved and can be ignored currently.

    +

    timestamp

    Long

    @@ -165,13 +186,6 @@

    Time the policy is created. The value is a 13-digit timestamp, in ms.

    extend

    -

    Map<String,String>

    -

    This parameter is redundant in this version. It will be used in the later versions.

    -
    @@ -234,19 +248,9 @@

    Boolean

    Whether anti-crawler protection is enabled. Anti-crawler protection includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    -

    • true: enabled

      -

    • false: disabled

      -
    -

    crawler

    -

    Boolean

    -

    Whether feature-based anti-crawler is enabled. This parameter is fixed at true.

    -

    • true: enabled

      -

    • false: disabled

      +

    JavaScript anti-crawler function.

    +

    • true: Enabled

      +

    • false: Disabled

    Boolean

    Whether other crawler check is enabled. The value can be:

    +

    Whether webshell check is enabled. The value can be:

    • true: enabled

    • false: disabled

    @@ -380,25 +384,49 @@

    followed_action

    +

    Boolean

    +

    Whether the Known Attack Source protection is enabled.. The value can be:

    +

    • true: enabled

      +

    • false: disabled

      +
    +

    bot_enable

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    Feature-based anti-crawler. This feature includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    +

    • true: Enabled

      +

    • false: Disabled

      +
    +

    crawler

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    precise

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    followed_action

    +

    modulex_enabled

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    +

    Enumeration values:

    +

    • true

      +

    • false

      +
    -

    Status code: 400

    -
    Table 8 Response body parameters

    Parameter

    +
    + + + + + + + + + +
    Table 8 PolicyExtend

    Parameter

    +

    Type

    +

    Description

    +

    extend

    +

    String

    +

    Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.

    +

    • If deep_decode is set to true, the Deep Inspection is enabled.

      +

    • If check_all_headers is set to true, the Header Inspection is enabled.

      +

    • If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.

      +
    +
    +
    + +
    @@ -447,18 +497,202 @@ - - - - - - + + + + + + +
    Table 9 ShareInfo

    Parameter

    Type

    error_code

    +

    share_count

    String

    +

    Integer

    Error code

    +

    Total number of the users who share the address group.

    error_msg

    +

    accept_count

    String

    +

    Integer

    Error message

    +

    Number of users who accept the sharing

    +

    process_status

    +

    Integer

    +

    Status

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 10 ModulexOptions

    Parameter

    +

    Type

    +

    Description

    +

    global_rate_enabled

    +

    Boolean

    +

    Status of the global rate limiting function (counting requests to all WAF instances when limiting traffic).

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    global_rate_mode

    +

    String

    +

    Protection mode of the global rate limiting function.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_enabled

    +

    Boolean

    +

    Status of the intelligent precise protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    precise_rules_mode

    +

    String

    +

    Protection mode of the intelligent precise protection.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent precise protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent precise protection.

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent precise protection.

    +

    cc_rules_enabled

    +

    Boolean

    +

    Status of the intelligent CC attack protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    cc_rules_mode

    +

    String

    +

    Protection mode of the intelligent CC attack protection rule.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    cc_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent CC attack protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent CC attack protection..

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent CC attack protection.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + @@ -466,26 +700,26 @@

    Status code: 401

    -
    Table 11 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message
    - @@ -425,9 +489,13 @@ - @@ -447,7 +515,11 @@ -
    Table 9 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -493,26 +727,26 @@

    Status code: 403

    -
    Table 12 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    - - - - + + + + + + + + + + + + + + + +
    Table 10 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -520,26 +754,26 @@

    Status code: 500

    -
    Table 13 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    + + + + +
    Table 11 Response body parameters

    Parameter

    +
    - - - - - - - - diff --git a/docs/wafd/api-ref/CreatePremiumHost.html b/docs/wafd/api-ref/CreatePremiumHost.html index db85c30b..c25d2a82 100644 --- a/docs/wafd/api-ref/CreatePremiumHost.html +++ b/docs/wafd/api-ref/CreatePremiumHost.html @@ -1,9 +1,9 @@

    Adding a Protected Domain Name

    -

    Function

    Adding a Protected Domain Name

    +

    Function

    This API is used to add a domain name to WAF.

    -

    URI

    POST /v1/{project_id}/premium-waf/host

    +

    URI

    POST /v1/{project_id}/premium-waf/host

    Table 14 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -78,7 +78,7 @@ - - - + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    String

    HTTPS certificate ID. It can be obtained by calling the ListCertificates API.This parameter is not required when the client protocol is HTTP, but it is mandatory when the client protocol is HTTPS.

    +

    HTTPS certificate ID. It can be obtained by calling the ListCertificates API. This parameter is not required when the client protocol is HTTP, but it is mandatory when the client protocol is HTTPS.

    certificatename

    @@ -87,7 +87,7 @@

    String

    Certificate name. Certifacteid and certificatename are required at the same. If certificateid does not match certificatename, an error is reported.This parameter is not required when the client protocol is HTTP, but it is mandatory when the client protocol is HTTPS.

    +

    Certificate name. Certifacteid and certificatename are required at the same. If certificateid does not match certificatename, an error is reported. This parameter is not required when the client protocol is HTTP, but it is mandatory when the client protocol is HTTPS.

    hostname

    @@ -114,7 +114,7 @@

    String

    ID of the policy initially used to the domain name. It can be obtained by calling the API described in 2.1.1 Querying Protection Policies.

    +

    ID of the policy initially used to the domain name. It can be obtained by calling the API Querying Protection Policies.

    server

    @@ -126,6 +126,24 @@

    Server configuration in dedicated mode

    web_tag

    +

    No

    +

    String

    +

    website name

    +

    description

    +

    No

    +

    String

    +

    website remarks

    +
    @@ -209,6 +227,15 @@

    weight

    +

    No

    +

    Integer

    +

    This parameter is reserved and can be ignored currently.

    +
    @@ -262,7 +289,11 @@

    String

    HTTP protocol

    +

    Client protocol, which is the protocol used by a client (for example, a browser) to access your website.

    +

    Enumeration values:

    +

    • HTTPS

      +

    • HTTP

      +

    protect_status

    @@ -306,7 +337,7 @@

    Flag object

    Special domain name identifier, which is used to store additional domain name configuration.

    +

    Feature switch for configuring compliance certification checks for domain names protected with the dedicated WAF instance.

    block_page

    @@ -318,9 +349,31 @@

    extend

    Map<String,String>

    +

    Extend object

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter includes some extended information about the protected domain name.

    +

    web_tag

    +

    String

    +

    website name

    +

    description

    +

    String

    +

    website remarks

    +

    locked

    +

    Integer

    +

    This parameter is reserved, which will be used to freeze a domain name.

    +

    Default: 0

    timestamp

    @@ -399,6 +452,13 @@

    weight

    +

    Integer

    +

    This parameter is reserved and can be ignored currently.

    +
    @@ -415,9 +475,13 @@

    String

    Whether PCI 3DS certification check is enabled for the domain name. Currently, this function is not supported. The default value is false. You can ignore this parameter.

    -

    • true: PCI 3DS check is enabled.

      -

    • false: PCI 3DS check is disenabled.

      +

    Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.

    +

    • true: Enable this check.

      +

    • false: Disable this check.

      +
    +

    Enumeration values:

    +

    • true

      +

    • false

    String

    Whether PCI DDS certification check is enabled for the domain name.

    -

    • true: PCI DDS check is enabled.

      -

    • false: PCI DDS check is disenabled.

      +

    Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.

    +

    • true: Enable this check.

      +

    • false: Disable this check.

      +
    +

    Enumeration values:

    +

    • true

      +

    • false

    String

    Template name

    +

    Template type. The value can be:

    +

    • default: The default block page is returned when a request is blocked.

      +

    • custom: Your custom block page is returned when a request is blocked.

      +

    • redirect: The request is redirected to the URL you specify.

      +

    custom_page

    @@ -500,28 +572,54 @@
    -

    Status code: 400

    -
    Table 10 Response body parameters

    Parameter

    +
    - - - - - - - - + + +
    Table 10 Extend

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    ltsInfo

    String

    +

    String

    Error code

    +

    Details about LTS configuration

    error_msg

    +

    extend

    String

    +

    String

    Error message

    +

    Timeout configuration details.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + @@ -529,26 +627,26 @@

    Status code: 401

    -
    Table 11 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message
    Table 11 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -556,26 +654,26 @@

    Status code: 500

    -
    Table 12 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    + + + + - + + + +
    Table 12 Response body parameters

    Parameter

    +
    - - - - - - - - diff --git a/docs/wafd/api-ref/CreatePrivacyRules.html b/docs/wafd/api-ref/CreatePrivacyRules.html index 9a1ee04e..6517bda0 100644 --- a/docs/wafd/api-ref/CreatePrivacyRules.html +++ b/docs/wafd/api-ref/CreatePrivacyRules.html @@ -1,9 +1,9 @@

    Creating a Data Masking Rule

    -

    Function

    Creating a Data Masking Rule

    +

    Function

    This API is used to create a data masking rule.

    -

    URI

    POST /v1/{project_id}/waf/policy/{policy_id}/privacy

    +

    URI

    POST /v1/{project_id}/waf/policy/{policy_id}/privacy

    Table 13 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -30,7 +30,7 @@ - diff --git a/docs/wafd/api-ref/CreatePunishmentRules.html b/docs/wafd/api-ref/CreatePunishmentRules.html new file mode 100644 index 00000000..4cb7a665 --- /dev/null +++ b/docs/wafd/api-ref/CreatePunishmentRules.html @@ -0,0 +1,318 @@ + + +

    Creating a Known Attack Source Rule

    +

    Function

    This API is used to create a known attack source rule.

    +
    +

    URI

    POST /v1/{project_id}/waf/policy/{policy_id}/punishment

    + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.
    + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    project_id

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +
    +
    + +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    auth token

    +

    Content-Type

    +

    Yes

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Request body parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    category

    +

    Yes

    +

    String

    +

    Type of the know attack source rule.

    +

    Enumeration values:

    +

    • long_ip_block

      +

    • long_cookie_block

      +

    • long_params_block

      +

    • short_ip_block

      +

    • short_cookie_block

      +

    • short_params_block

      +
    +

    block_time

    +

    Yes

    +

    Integer

    +

    Block duration, in seconds. If prefix long is selected for the rule type, the value for block_time ranges from 301 to 1800. If prefix short is selected for the rule type, the value for block_time ranges from 0 to 300.

    +

    description

    +

    No

    +

    String

    +

    Description

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID

    +

    policyid

    +

    String

    +

    Policy ID

    +

    block_time

    +

    Integer

    +

    Block duration, in seconds.

    +

    category

    +

    String

    +

    Type of the know attack source rule.

    +

    description

    +

    String

    +

    Description

    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 7 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    POST https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/punishment?
+
+{
+  "category" : "long_ip_block",
+  "block_time" : "1233",
+  "description" : "demo"
+}
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "block_time" : 1233,
+  "category" : "long_ip_block",
+  "description" : "demo",
+  "id" : "2c3afdcc982b429da4f72ee483aece3e",
+  "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+  "timestamp" : 1668148186106
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    + +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/CreateValueList.html b/docs/wafd/api-ref/CreateValueList.html index 441177d2..a29ab7f9 100644 --- a/docs/wafd/api-ref/CreateValueList.html +++ b/docs/wafd/api-ref/CreateValueList.html @@ -1,9 +1,9 @@ -

    Adding a Reference Table

    +

    Creating a Reference Table

    Function

    This API is used to create a reference table. A reference table can be referenced by CC attack protection rules and precise protection rules. For details about how to use reference tables, see "Adding a Reference Table" under "Rule Configurations" in Web Application Firewall User Guide.

    -

    URI

    POST /v1/{project_id}/waf/valuelist

    +

    URI

    POST /v1/{project_id}/waf/valuelist

    @@ -87,7 +87,7 @@ - @@ -171,6 +171,23 @@ + + + + + + + +
    Table 1 Path Parameters

    Parameter

    String

    Reference table type. For details, see the enumeration list

    +

    Reference table type. For details, see the enumeration values as followed.

    Enumeration values:

    • url

    • params

      @@ -98,7 +98,7 @@

    • header

    • response_code

    • response_header

      -

    • resopnse_body

      +

    • response_body

    Value of the reference table

    description

    +

    String

    +

    Reference table description

    +

    producer

    +

    Integer

    +

    This parameter is reserved and can be ignored currently.

    +

    Enumeration values:

    +

    • 1

      +
    +
    diff --git a/docs/wafd/api-ref/CreateWhiteblackipRule.html b/docs/wafd/api-ref/CreateWhiteblackipRule.html index 414858b1..415f09aa 100644 --- a/docs/wafd/api-ref/CreateWhiteblackipRule.html +++ b/docs/wafd/api-ref/CreateWhiteblackipRule.html @@ -1,9 +1,9 @@

    Creating a Blacklist or Whitelist Rule

    -

    Function

    his API is used to create a blacklist or whitelist rule.

    +

    Function

    This API is used to create a blacklist or whitelist rule.

    -

    URI

    POST /v1/{project_id}/waf/policy/{policy_id}/whiteblackip

    +

    URI

    POST /v1/{project_id}/waf/policy/{policy_id}/whiteblackip

    @@ -30,7 +30,7 @@ - @@ -63,7 +63,7 @@ - @@ -81,7 +81,16 @@ - + + + + + @@ -96,7 +105,7 @@ - + + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    String

    Conten type.

    +

    Content type.

    Default: application/json;charset=utf8

    description

    +

    name

    +

    No

    +

    String

    +

    Rule name.

    +

    description

    No

    String

    lacklisted or whitelisted IP addresses

    +

    IP addresses or an IP address range. -IP addresses: IP addresses to be added to the blacklist or whitelist, for example, 192.x.x.3 -IP address range: IP address and subnet mask, for example, 10.x.x.0/24

    white

    @@ -112,6 +121,15 @@

    followed_action_id

    +

    No

    +

    String

    +

    ID of a known attack source rule. This parameter can be configured only when white is set to 0.

    +
    @@ -133,6 +151,13 @@

    Rule ID

    name

    +

    String

    +

    Rule name.

    +

    policyid

    String

    @@ -168,7 +193,7 @@

    String

    lacklisted or whitelisted IP addresses

    +

    Blacklisted or whitelisted IP addresses

    white

    @@ -182,6 +207,13 @@

    followed_action_id

    +

    String

    +

    ID of the known attack source rule.

    +
    @@ -284,8 +316,7 @@ "description" : "demo", "status" : 1, "addr" : "x.x.x.x", - "white" : 0, - "size" : 1 + "white" : 0 }

    Status Codes

    diff --git a/docs/wafd/api-ref/DeleteAnticrawlerRule.html b/docs/wafd/api-ref/DeleteAnticrawlerRule.html new file mode 100644 index 00000000..b1d2105a --- /dev/null +++ b/docs/wafd/api-ref/DeleteAnticrawlerRule.html @@ -0,0 +1,326 @@ + + +

    Deleting a JavaScript Anti-Crawler Rule

    +

    Function

    This API is used to delete a JavaScript anti-crawler rule.

    +
    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}

    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    Project ID. To obtain it, go to Cloud management console and hover the cursor over your username. On the displayed window, choose My Credentials. Then, in the Projects area, view Project ID of the corresponding project.

    +

    policy_id

    +

    Yes

    +

    String

    +

    ID of a protection policy. You can specify a protection policy ID to query the rules used in the protection policy. You can obtain the policy ID by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    Rule ID.

    +
    +
    + +
    + + + + + + + + + + + +
    Table 2 Query Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    enterprise_project_id

    +

    No

    +

    String

    +

    You can obtain the ID by calling the ListEnterpriseProject API of EPS.

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 3 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

    +

    Content-Type

    +

    Yes

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    policyid

    +

    String

    +

    Policy ID.

    +

    id

    +

    String

    +

    Rule ID.

    +

    url

    +

    String

    +

    URL to which the rule applies.

    +

    logic

    +

    Integer

    +

    Rule matching logic

    +

    • 1: Include

      +

    • 2: Not include

      +

    • 3: Equal

      +

    • 4: Not equal

      +

    • 5: Prefix is

      +

    • 6: Prefix is not

      +

    • 7: Suffix is

      +

    • 8: Suffix is not

      +
    +

    name

    +

    String

    +

    Rule name.

    +

    type

    +

    String

    +

    JavaScript anti-crawler rule type.

    +

    • anticrawler_specific_url: used to protect a specific path specified by the rule.

      +

    • anticrawler_except_url: used to protect all paths except the one specified by the rule.

      +
    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +

    status

    +

    Integer

    +

    Rule status. The value can be 0 or 1.

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 7 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    DELETE https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}?
    +
    +

    Example Responses

    Status code: 200

    +

    ok

    +
    {
+  "id" : "607d14b8153540c0af51a00fe2140d05",
+  "policyid" : "777716e0b7b84b5192b9d373f7c6d4f0",
+  "name" : "demo",
+  "timestamp" : 1675152776784,
+  "status" : 1,
+  "url" : "/patent/id",
+  "logic" : 3,
+  "type" : "anticrawler_except_url"
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    ok

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/DeleteAntileakageRule.html b/docs/wafd/api-ref/DeleteAntileakageRule.html new file mode 100644 index 00000000..32017495 --- /dev/null +++ b/docs/wafd/api-ref/DeleteAntileakageRule.html @@ -0,0 +1,298 @@ + + +

    Deleting an Information Leakage Prevention Rule

    +

    Function

    This API is used to delete an information leakage prevention rule.

    +
    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}

    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    project ID

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    ID of the information leakage protection rule. It can be obtained by calling the ListAntileakageRules API.

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    auth token

    +

    Content-Type

    +

    No

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID

    +

    url

    +

    String

    +

    URL to which the rule applies.

    +

    category

    +

    String

    +

    Sensitive information type in the information leakage prevention rule.

    +

    • sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.

      +

    • code: The rule blocks response pages of specified HTTP response code.

      +
    +

    Enumeration values:

    +

    • code

      +

    • sensitive

      +
    +

    contents

    +

    Array of strings

    +

    Content corresponding to the sensitive information type. Multiple options can be set.

    +

    • When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.

      +

    • When category is set to sensitive, parameters phone, id_card, and email can be set.

      +
    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +

    description

    +

    String

    +

    Rule description.

    +

    status

    +

    Integer

    +

    Rule status. The value can be:

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +

    Enumeration values:

    +

    • 0

      +

    • 1

      +
    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    DELETE https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}?
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "id" : "82c4f04f84fd4b2b9ba4b4ea0df8ee82",
+  "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+  "timestamp" : 1668152426471,
+  "description" : "demo",
+  "status" : 1,
+  "url" : "/attack",
+  "category" : "sensitive",
+  "contents" : [ "id_card" ]
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/DeleteAntitamperRule.html b/docs/wafd/api-ref/DeleteAntitamperRule.html index 3ba95933..69d05df6 100644 --- a/docs/wafd/api-ref/DeleteAntitamperRule.html +++ b/docs/wafd/api-ref/DeleteAntitamperRule.html @@ -3,7 +3,7 @@

    Deleting a Web Tamper Protection Rule

    Function

    This API is used to delete a web tamper protection rule.

    -

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}

    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}

    @@ -30,7 +30,7 @@ - - @@ -132,7 +132,7 @@ -
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the web tamper protection rule. It can be obtained by calling the ListAntitamperRules API.

    String

    Domain name protected by the web tamper protection rule

    +

    The domain name of the website protected with the web tamper protection rule. The domain name is in the format of xxx.xxx.com, such as www.example.com.

    url

    diff --git a/docs/wafd/api-ref/DeleteCcRule.html b/docs/wafd/api-ref/DeleteCcRule.html index 45c5d7d5..cb5cb359 100644 --- a/docs/wafd/api-ref/DeleteCcRule.html +++ b/docs/wafd/api-ref/DeleteCcRule.html @@ -3,7 +3,7 @@

    Deleting a CC Attack Protection Rule

    Function

    This API is used to delete a CC attack protection rule.

    -

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}

    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}

    @@ -21,7 +21,7 @@ - - - @@ -127,39 +127,7 @@ - - - - - - - - - - - - - - - - @@ -173,6 +141,82 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - - - - - + + + + + + + +
    Table 1 Path Parameters

    Parameter

    String

    Content type.

    +

    project ID

    policy_id

    @@ -30,7 +30,7 @@

    String

    Policy ID. It can be obtained by calling the API Querying Protection Policies.

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    ccRuleId

    +

    ID of the cc rule. It can be obtained by calling the ListCcRules API.

    Mode.

    • 0: Standard.

      -

    • 1: Advanced

      -
    -

    limit_num

    -

    String

    -

    Number of requests allowed from a web visitor in a rate limiting period

    -

    limit_period

    -

    String

    -

    Rate limiting period

    -

    lock_time

    -

    String

    -

    How long a web visitor will be locked The value range is [0 to 2^32), in seconds.

    -

    tag_type

    -

    String

    -

    Protection mode.

    -

    • ip: IP-based rate limiting. Website visitors are identified by IP address.

      -

    • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

      -

    • other: A website visitor is identified by the Referer field (user-defined request source).

      +

    • 1: Advanced.

    conditions

    +

    Array of CcCondition objects

    +

    Rate limit conditions of the CC attack protection rule. This parameter is mandatory when the CC attack protection rule is in advanced mode (i.e. the value of mode is 1).

    +

    action

    +

    action object

    +

    Protection action to take if the number of requests reaches the upper limit.

    +

    tag_type

    +

    String

    +

    Rate limit mode.

    +

    • ip: IP-based rate limiting. Website visitors are identified by IP address.

      +

    • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

      +

    • other: Website visitors are identified by the Referer field (user-defined request source).

      +
    +

    Enumeration values:

    +

    • ip

      +

    • other

      +

    • cookie

      +

    • header

      +
    +

    tag_index

    +

    String

    +

    User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).

    +

    • cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.

      +

    • header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.

      +
    +

    tag_condition

    +

    tag_condition object

    +

    User tag. This parameter is mandatory when the rate limit mode is set to other. - other: A website visitor is identified by the Referer field (user-defined request source).

    +

    limit_num

    +

    Integer

    +

    Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647.

    +

    limit_period

    +

    Integer

    +

    Rate limit period, in seconds. The value ranges from 1 to 3,600.

    +

    unlock_num

    +

    Integer

    +

    Allowable frequency based on the number of requests. The value ranges from 0 to 2,147,483,647. This parameter is required only when the protection action type is dynamic_block.

    +

    lock_time

    +

    Integer

    +

    Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.

    +

    description

    String

    @@ -180,18 +224,32 @@

    Rule description

    action

    +

    total_num

    action object

    +

    Integer

    Action to take if the number of requests reaches the upper limit.

    +

    This parameter is reserved and can be ignored currently.

    conditions

    +

    unaggregation

    Array of conditions objects

    +

    Boolean

    Condition list. This parameter is returned when mode is set to 1.

    +

    This parameter is reserved and can be ignored currently.

    +

    aging_time

    +

    Integer

    +

    Rule aging time. This parameter is reserved and can be ignored currently.

    +

    producer

    +

    Integer

    +

    Rule creation object. This parameter is reserved and can be ignored currently.

    timestamp

    @@ -205,7 +263,7 @@
    -
    Table 4 action

    Parameter

    +
    @@ -217,28 +275,77 @@ - - - + + + + + + + + + + + +
    Table 4 CcCondition

    Parameter

    Type

    String

    Action type:

    -

    • block: WAF blocks discovered attacks.

      -

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      -

    • If tag_type is set to other, the value can only be block.

      +

    Field type. The value can be url, ip, params, cookie, or header.

    +

    Enumeration values:

    +

    • url

      +

    • ip

      +

    • params

      +

    • cookie

      +

    • header

    detail

    +

    logic_operation

    String

    Action details. If detail is null, the default block page is displayed by default.

    -

    • This parameter cannot be included when category is set to captcha.

      -

    • This parameter is required when category is set to block.

      +

    Logic for matching the condition.

    +

    • If the category is url, the optional operations are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal and len_not_equal

      +

    • If the category is ip, the optional operations are: equal, not_equal, , equal_any and not_equal_all

      +

    • If the category is params, cookie and header, the optional operations are: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal, len_not_equal, num_greater, num_less, num_equal, num_not_equal, exist and not_exist

    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +
    +

    contents

    +

    Array of strings

    +

    Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all.

    +

    value_list_id

    +

    String

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type.

    +

    index

    +

    String

    +

    Subfield. When category is set to params, cookie, or header, set this parameter based on site requirements. This parameter is mandatory.
    -
    Table 5 detail

    Parameter

    +
    @@ -246,18 +353,39 @@ - - - + + + +
    Table 5 action

    Parameter

    Type

    response

    +

    category

    response object

    +

    String

    Returned page.

    +

    Action type:

    +

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      +

    • block: WAF blocks the requests. When tag_type is set to other, the value can only be block.

      +

    • log: WAF logs the event only.

      +

    • dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.

      +
    +

    Enumeration values:

    +

    • captcha

      +

    • block

      +

    • log

      +

    • dynamic_block

      +
    +

    detail

    +

    detail object

    +

    Block page information. When protection action category is set to block or dynamic_block, you need to set the returned block page.

    +

    • If you want to use the default block page, this parameter can be excluded.

      +

    • If you want to use a custom block page, set this parameter.

      +
    -
    Table 6 response

    Parameter

    +
    @@ -265,25 +393,18 @@ - - - - - - -
    Table 6 detail

    Parameter

    Type

    content_type

    +

    response

    String

    +

    response object

    Content type. The value can only be application/json, text/html, or text/xml.

    -

    content

    -

    String

    -

    Contents

    +

    Block Page
    -
    Table 7 conditions

    Parameter

    +
    @@ -291,39 +412,49 @@ - - - - - - - - - +
    Table 7 response

    Parameter

    Type

    category

    +

    content_type

    String

    Field type. The options are as follows: ip, cookie, and url

    -

    index

    -

    String

    -

    Parameter description:

    -

    • When the field type is ip or url, the index parameter is not required.

      -

    • When the field type is cookie and the subfield is customized, the value of index is the customized subfield.

      +

    Content type. The value can only be application/json, text/html, or text/xml.

    +

    Enumeration values:

    +

    • application/json

      +

    • text/html

      +

    • text/xml

    logic_operation

    +

    content

    String

    Condition matching logic. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, equal_any, and not_equal_any, contain_any, and not_contain_any.

    -

    • When the field type is url, the following matching logics are supported: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix.

      -

    • When the field type is ip, the following matching logics are supported: equal, not_equal, equal_any, and not_equal_any.

      -

    • When category is set to cookie, the following matching logics are supported: contain, not_contain, equal, not_equal. prefix, not_prefix, suffix, not_suffix, contain_any, and not_contain_any.

      -
    +

    Block page information.

    contents

    +
    +
    + +
    + + + + + - - + + + + @@ -331,26 +462,26 @@

    Status code: 400

    -
    Table 8 tag_condition

    Parameter

    +

    Type

    +

    Description

    +

    category

    Array of strings

    +

    String

    Content of the conditions.

    +

    User identifier. The value is fixed at referer.

    +

    contents

    +

    Array of strings

    +

    Content of the user identifier field.
    Table 8 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -358,26 +489,26 @@

    Status code: 401

    -
    Table 9 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    - + + + + @@ -325,24 +387,24 @@

    Example Responses

    Status code: 200

    Request succeeded.

    {
+  "id" : "88e8bf4158324b2d9a233e7ffb95516d",
+  "policyid" : "dde63c25e8394b21b16a2a49a99e659b",
+  "timestamp" : 1678799936830,
+  "description" : "",
+  "status" : 1,
+  "time" : false,
+  "priority" : 50,
+  "action_mode" : false,
+  "conditions" : [ {
+    "category" : "url",
+    "contents" : [ "test" ],
+    "logic_operation" : "contain"
+  } ],
   "action" : {
     "category" : "block"
   },
-  "action_mode" : false,
-  "aging_time" : 0,
-  "conditions" : [ {
-    "category" : "header",
-    "index" : "demo",
-    "logic_operation" : "contain",
-    "content" : [ "demo" ]
-  } ],
-  "description" : "",
-  "id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
-  "policyid" : "1f016cde588646aca3fb19f277c44d03",
-  "priority" : 50,
-  "status" : 1,
-  "time" : false,
-  "timestamp" : 1656495488880
+  "producer" : 1,
+  "aging_time" : 0
 }

    Status Codes

    diff --git a/docs/wafd/api-ref/DeleteGeoipRule.html b/docs/wafd/api-ref/DeleteGeoipRule.html index f11fa40d..11037885 100644 --- a/docs/wafd/api-ref/DeleteGeoipRule.html +++ b/docs/wafd/api-ref/DeleteGeoipRule.html @@ -3,7 +3,7 @@

    Deleting a Geolocation Access Control Rule

    Function

    This API is used to delete a geolocation access control rule.

    -

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}

    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}

    Table 9 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -385,26 +516,26 @@

    Status code: 500

    -
    Table 10 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -203,7 +217,35 @@ - + + + +
    Table 10 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -416,7 +547,6 @@

    Example Responses

    Status code: 200

    Request succeeded.

    {
-  "aging_time" : 0,
   "description" : "",
   "id" : "a5f3fd28db564696b199228f0ac346b2",
   "limit_num" : 10,
@@ -425,12 +555,13 @@
   "mode" : 0,
   "policyid" : "1f016cde588646aca3fb19f277c44d03",
   "prefix" : false,
-  "producer" : 1,
   "status" : 1,
   "tag_type" : "ip",
   "timestamp" : 1656494435686,
   "total_num" : 0,
+  "aging_time" : 0,
   "unaggregation" : false,
+  "producer" : 1,
   "url" : "/path1"
 }
    diff --git a/docs/wafd/api-ref/DeleteCertificate.html b/docs/wafd/api-ref/DeleteCertificate.html index ccb890be..ec58953c 100644 --- a/docs/wafd/api-ref/DeleteCertificate.html +++ b/docs/wafd/api-ref/DeleteCertificate.html @@ -3,7 +3,7 @@

    Deleting a Certificate

    Function

    This API is used to delete a certificate.

    -

    URI

    DELETE /v1/{project_id}/waf/certificate/{certificate_id}

    +

    URI

    DELETE /v1/{project_id}/waf/certificate/{certificate_id}

    Table 11 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    diff --git a/docs/wafd/api-ref/DeleteCustomRule.html b/docs/wafd/api-ref/DeleteCustomRule.html index fa0895a3..e3c3fadf 100644 --- a/docs/wafd/api-ref/DeleteCustomRule.html +++ b/docs/wafd/api-ref/DeleteCustomRule.html @@ -3,7 +3,7 @@

    Deleting a Precise Protection Rule

    Function

    This API is used to delete a precise protection rule.

    -

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}

    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}

    Table 1 Path Parameters

    Parameter
    @@ -30,7 +30,7 @@ - - @@ -68,7 +68,7 @@ - @@ -135,13 +135,6 @@ - - - - + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID.

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    customRuleId

    +

    ID of the precise protection rule. It can be obtained by calling the ListCustomeRules API.

    Content-Type

    Yes

    +

    No

    String

    Protective action of the precise protection rule.

    action_mode

    -

    Boolean

    -

    This parameter is reserved and can be ignored.

    -

    priority

    Integer

    @@ -170,6 +163,27 @@

    Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.

    action_mode

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    +

    aging_time

    +

    Integer

    +

    Rule aging time. This parameter is reserved and can be ignored currently.

    +

    producer

    +

    Integer

    +

    Rule creation object. This parameter is reserved and can be ignored currently.

    +
    @@ -195,7 +209,7 @@

    Subfield

    • When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.

      -

    • If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

      +

    • When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

    String

    Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.

    +

    Logic for matching the condition.

    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • len_greater

      +

    • len_less

      +

    • len_equal

      +

    • len_not_equal

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +

    contents

    @@ -213,6 +255,13 @@

    Content of the conditions.

    value_list_id

    +

    String

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is available only when a reference table is used when a protection rule is created.

    +
    @@ -229,10 +278,23 @@

    String

    Action type.

    -

    • block: WAF blocks attacks.

      -

    • pass: WAF allows requests.

      +

    Operation type

    +

    • block: WAF blocks attacks.

      +

    • pass: WAF allows requests.

      +

    • log: WAF only logs detected attacks.

    +

    Enumeration values:

    +

    • block

      +

    • pass

      +

    • log

      +
    +

    followed_action_id

    +

    String

    +

    ID of a known attack source rule. This parameter can be configured only when category is set to block.
    @@ -30,7 +30,7 @@ - - @@ -104,6 +104,20 @@ + + + + + + + + @@ -264,6 +279,7 @@ "timestamp" : 1650534513775, "description" : "demo", "status" : 1, + "geoTagList" : [ "BR" ], "geoip" : "BR", "white" : 0 } diff --git a/docs/wafd/api-ref/DeleteIgnoreRule.html b/docs/wafd/api-ref/DeleteIgnoreRule.html index f25d00eb..1fa0f51a 100644 --- a/docs/wafd/api-ref/DeleteIgnoreRule.html +++ b/docs/wafd/api-ref/DeleteIgnoreRule.html @@ -1,9 +1,9 @@ -

    Deleting a False Alarm Masking Rule

    -

    Function

    This API is used to query a false alarm masking rule.

    +

    Deleting a Global Protection Whitelist (False Alarm Masking) Rule

    +

    Function

    This API is used to deleting a global protection whitelist (false alarm masking) rule.

    -

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}

    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}

    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the geolocation access control rule. It can be obtained by calling the ListGeoipRules API.

    Policy ID

    name

    +

    String

    +

    Rule name. Currently, the console does not support configuring names for geolocation access control rule. Ignore this parameter.

    +

    geoTagList

    +

    Array of strings

    +

    List of geographical locations hit the geolocation access control rule.

    +

    geoip

    String

    @@ -130,6 +144,7 @@

  • South Africa: South Africa

  • Mexico: Mexico

  • Peru: Peru

    +

  • For more geographical location codes, see "Appendix - Geographic Location Codes."

    		•
    @@ -30,7 +30,7 @@ - - @@ -82,7 +82,7 @@

    Response Parameters

    Status code: 200

    -
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the false alarm masking rule. It can be obtained by calling the ListIgnoreRules API.
    Table 3 Response body parameters

    Parameter

    +
    @@ -94,96 +94,78 @@ - - - - - - - - - - - - - - - - - - - - - + + + +
    Table 3 Response body parameters

    Parameter

    Type

    String

    Rule ID.

    +

    Rule ID

    policyid

    String

    Policy ID.

    +

    Policy ID

    timestamp

    Long

    Rule creation time.

    -

    description

    -

    String

    -

    Provides supplementary information about the assignment.

    +

    Timestamp the rule was created.

    status

    Integer

    Rule status. The value can be:

    -

    • 0: The rule is disabled.

      -

    • 1: The rule is enabled.

      +

    Rule status. The value can be 0 or 1.

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

    url

    -

    String

    -

    URL protected by the web tamper protection rule. The value must be in the standard URL format, for example, /admin.

    -

    rule

    String

    Masked rule. The value can be the ID of a rule that is matched, all rules (all), or enumeration value of the attack type. To mask a built-in rule included in Basic Web Protection, set this parameter to the ID of the rule. To obtain the rule ID, go to the WAF console. Then, choose Policies and click the policy name. On the displayed page, find the Basic Web Protection area and click Advanced Settings. On the displayed page, click Protection Rule and view the rule ID. To disable a certain type of rule, the value can be:

    -

    • xss or sqli: XSS attacks

      -

    • cmdi: Command injectionrobot: Malicious crawlers

      -

    • lfi: Local file inclusion

      -

    • rfi: Remote file inclusionwebshell: Website Trojans

      -

    • cc: CC attacks -custom_custom: Precise protection

      -

    • custom_whiteblackip: IP address blacklist and whitelist

      -

    • custom_geoip: Geolocation access control

      -

    • antitamper: Web tamper protection

      -

    • anticrawler: Anti-crawler protection

      -

    • leakage: Data leakage prevention

      -

    • illegal: Illegal requests

      -

    • vuln: Other attack types

      +

    Items to be masked. You can provide multiple items and separate them with semicolons (;).

    +

    • If you want to disable a specific built-in rule for a domain name, the value of this parameter is the rule ID. When requests are blocked against a certain built-in rule while you do not want this rule to block requests later, you can query the rule in the Events page on the console and find its rule ID in the Hit Rule column. Then, you can disk the rule by its ID (including 6 digits).

      +

    • If you want to mask a type of basic web protection rules, set this parameter to the name of the type of basic web protection rules. xss: XSS attacks webshell: Web shells vuln: Other types of attacks sqli: SQL injection attack robot: Malicious crawlers rfi: Remote file inclusion lfi: Local file inclusion cmdi: Command injection attack

      +

    • To bypass the basic web protection, set this parameter to all.

      +

    • To bypass all WAF protection, set this parameter to bypass.

    url_logic

    +

    mode

    String

    +

    Integer

    URL match logic:

    -

    • equal: full match

      -

    • prefix: prefix match

      -
    +

    The value is fixed at 1, indicating v2 false alarm masking rules are used.

    domains

    +

    conditions

    Array of strings

    +

    Array of Condition objects

    Protected domain name

    +

    Condition list

    advanced

    advanced object

    +

    Array of Advanced objects

    advanced

    +

    Advanced settings

    +

    domain

    +

    Array of strings

    +

    Domain names to be protected. If the array length is 0, this rule will take effect for all domain names that are protected by the policies this rule belongs to.
    -
    Table 4 advanced

    Parameter

    +
    @@ -191,24 +173,68 @@ - - + + + + + + + + + + + + + + + + + + +
    Table 4 Condition

    Parameter

    Type

    index

    +

    category

    String

    To ignore attacks of a specified field, specify the field in the Advanced Settings area. After you complete the configuration, WAF will stop intercepting attack events of the specified field. The following fields are supported:

    -

    • cookie: session cookie

      -

    • header: header field

      -

    • body: body field

      -

    • multipart: multipart/form-data type data

      -

    • params: parameter

      +

    Field type. The value can be ip, url, params, cookie, or header.

    +

    contents

    +

    Array of strings

    +

    Content. The array length must be 1. The content format varies depending on field types. For example, if the field type is ip, the value must be an IP address or IP address range. If the field type is url, the value must be a URL in standard format. If the field type is params, cookie, or header, the content format is not limited.

    +

    logic_operation

    +

    String

    +

    The matching logic varies depending on the field type. For example, if the field type is ip, the logic can be equal or not_equal. If the field type is url, params, cookie, or header, the logic can be equal, not_equal, contain, not_contain, prefix, not_prefix, suffix, not_suffix.

    +

    check_all_indexes_logic

    +

    Integer

    +

    This parameter is reserved and can be ignored.

    +

    index

    +

    String

    +

    If the field type is ip and the subfield is the client IP address, the index parameter does not exist. If the subfield type is X-Forwarded-For, the value is x-forwarded-for. If the field type is params, header, or cookie, and the subfield is user-defined, the value of index is the user-defined subfield.

    +
    +
    + +
    + + + + + + + - - - @@ -216,26 +242,26 @@

    Status code: 400

    -
    Table 5 Advanced

    Parameter

    +

    Type

    +

    Description

    +

    index

    +

    String

    +

    Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.

    +

    • When you select Params, Cookie, or Header, you can set this parameter to all or configure subfields as required.

      +

    • When you select Body or Multipart, set this parameter to all.

    content

    +

    contents

    String

    +

    Array of strings

    Specified field (available only for param, cookie, and header)

    +

    Subfield of the specified field type. The default value is all.
    Table 5 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -243,26 +269,26 @@

    Status code: 401

    -
    Table 6 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 6 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -270,46 +296,50 @@

    Status code: 500

    -
    Table 7 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 7 Response body parameters

    Parameter

    +
    - - - - - - - -
    Table 8 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    -

    Example Requests

    DELETE https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/ignore?
    +

    Example Requests

    DELETE https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}?

    Example Responses

    Status code: 200

    Request succeeded.

    {
-  "id" : "c20f67b3e1c040c0b0d8866e568ee8bf",
-  "policyid" : "a75e96d8284c4c4f98ada7d391e8342c",
-  "timestamp" : 1656507126528,
-  "description" : "",
+  "id" : "40484384970948d79fffe4e4ae1fc54d",
+  "policyid" : "f385eceedf7c4c34a4d1def19eafbe85",
+  "timestamp" : 1650512535222,
+  "description" : "demo",
   "status" : 1,
-  "domain" : [ "test3.th.com" ],
-  "rule" : "webshell",
-  "url_logic" : "equal",
-  "url" : "/demo"
+  "rule" : "091004",
+  "mode" : 1,
+  "conditions" : [ {
+    "category" : "ip",
+    "contents" : [ "x.x.x.x" ],
+    "logic_operation" : "equal"
+  } ],
+  "domain" : [ "www.example.com" ]
 }

    Status Codes

    diff --git a/docs/wafd/api-ref/DeleteInstance.html b/docs/wafd/api-ref/DeleteInstance.html index 2fde5fc6..4794f3ad 100644 --- a/docs/wafd/api-ref/DeleteInstance.html +++ b/docs/wafd/api-ref/DeleteInstance.html @@ -3,7 +3,7 @@

    Deleting a Dedicated WAF Engine

    Function

    This API is used to delete a dedicated WAF engine.

    -

    URI

    DELETE /v1/{project_id}/premium-waf/instance/{instance_id}

    +

    URI

    DELETE /v1/{project_id}/premium-waf/instance/{instance_id}

    @@ -50,7 +50,7 @@ - @@ -59,7 +59,7 @@ - @@ -180,7 +180,7 @@ - - - - - - - - -
    Table 1 Path Parameters

    Parameter

    X-Auth-Token

    No

    +

    Yes

    String

    Content-Type

    Yes

    +

    No

    String

    Integer

    unning status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).

    +

    Running status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).

    access_status

    @@ -197,7 +197,10 @@

    Integer

    Whether the dedicated engine can be upgraded. The value can be 0 for no or 1 for yes.

    +

    Whether the dedicated engine can be upgraded.

    +

    • 0: the dedicated engine is non-upgradable

      +

    • 1: the dedicated engine is upgradable

      +

    cloudServiceType

    @@ -225,14 +228,7 @@

    String

    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB.

    -

    hosts

    -

    Array of IdHostnameEntry objects

    -

    Domain name protected by the dedicated engine.

    +

    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB. 8vCPUs | 16GB maps to waf.instance.enterprise, and 2vCPUs | 4GB to waf.instance. professional.

    server_id

    @@ -249,30 +245,25 @@

    ID of the ECS hosting the dedicated engine. This parameter is the same as server_id, and will be deleted.
    -
    - -
    - - - - - - - - - - + + + + @@ -280,26 +271,26 @@

    Status code: 400

    -
    Table 4 IdHostnameEntry

    Parameter

    -

    Type

    -

    Description

    -

    id

    +

    create_time

    String

    +

    Long

    ID of the protected domain name. This is a unique ID automatically generated by the system.

    +

    Timestamp when the dedicated WAF engine was created.

    hostname

    +

    data_volume_size

    String

    +

    Integer

    Protected domain name

    +

    Size of the data disk, in GB.

    +

    res_tenant_type

    +

    Integer

    +

    Type of the dedicated WAF instance. Its value is always 1, which means the type of the dedicated WAF instance is Network Interface.
    Table 5 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -307,26 +298,26 @@

    Status code: 401

    -
    Table 4 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 6 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -334,26 +325,26 @@

    Status code: 500

    -
    Table 5 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    - - - - - @@ -273,7 +284,7 @@ - + + + + - + + + + - - - @@ -416,9 +451,34 @@
    Table 7 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -384,10 +375,6 @@ "cpu_flavor" : "Si2.2xlarge.2", "run_status" : 2, "access_status" : 1, - "hosts" : [ { - "id" : "c3be17bbe3a641c7a1ded6019c377402", - "hostname" : "demo.www.com" - } ], "instancename" : "0412elb", "instance_name" : "0412elb" } diff --git a/docs/wafd/api-ref/DeletePolicy.html b/docs/wafd/api-ref/DeletePolicy.html index e58d9c2c..e3d3e1d3 100644 --- a/docs/wafd/api-ref/DeletePolicy.html +++ b/docs/wafd/api-ref/DeletePolicy.html @@ -3,7 +3,7 @@

    Deleting a Policy

    Function

    This API is used to delete a policy.

    -

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}

    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}

    Table 6 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -115,7 +115,7 @@ @@ -137,6 +137,34 @@ + + + + + + + + + + + + + + + + - - - -
    Table 1 Path Parameters

    Parameter

    Protection level

    • 1: WAF detects wget, cURL, and more but does not detect XSS and command injection attacks in the header, so you may miss more vulnerabilities that actually exist. If you find out that configured protection rules are affecting your services, adjust the protection level to 1.

      -

    • 2: WAF detects remote file inclusion, third-party software vulnerabilities, web shell, and cp and ftp commands. This is the default value.

      +

    • 2: WAF detects remote file inclusion, third-party software vulnerabilities, web shell and ftp commands. This is the default value.

    • 3: If you need a stricter protection level, set this parameter to 3. This may increase the false positive rate but decrease the false negative rate, such as nc, nmap, and kill.

    Basic information about the protected domain.

    hosts

    +

    Array of strings

    +

    Array of IDs of protected domain names. The ID of a protected domain name is unique and generated by WAF when you add the domain name to WAF. To obtain the IDs, call the API Querying Domain Names Protected by Dedicated WAF Engines. To add a domain name to WAF, call the API Adding a Protected Domain Name.

    +

    robot_action

    +

    Action object

    +

    Feature-based anti-crawler protection mode. This parameter is unavailable for newly created protection policies. The default protection mode is Log only.

    +

    extend

    +

    PolicyExtend object

    +

    Switch for enabling or disabling Deep Inspection and Header Inspection in Basic Web Protection.

    +

    modulex_options

    +

    ModulexOptions object

    +

    Whether to enable intelligent CC protection. This parameter is reserved and can be ignored currently.

    +

    timestamp

    Integer

    @@ -144,13 +172,6 @@

    Time a policy is created

    extend

    -

    Map<String,String>

    -

    Extended field

    -
    @@ -213,19 +234,9 @@

    Boolean

    Whether anti-crawler protection is enabled. Anti-crawler protection includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    -

    • true: enabled

      -

    • false: disabled

      -
    -

    crawler

    -

    Boolean

    -

    Whether feature-based anti-crawler is enabled. This parameter is fixed at true.

    -

    • true: enabled

      -

    • false: disabled

      +

    JavaScript anti-crawler function.

    +

    • true: Enabled

      +

    • false: Disabled

    Boolean

    Whether other crawler check is enabled. The value can be:

    +

    Whether webshell check is enabled. The value can be:

    • true: enabled

    • false: disabled

    @@ -359,25 +370,49 @@

    followed_action

    +

    Boolean

    +

    Whether the Known Attack Source protection is enabled.. The value can be:

    +

    • true: enabled

      +

    • false: disabled

      +
    +

    bot_enable

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    Feature-based anti-crawler. This feature includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    +

    • true: Enabled

      +

    • false: Disabled

      +
    +

    crawler

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    precise

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    followed_action

    +

    modulex_enabled

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    +

    Enumeration values:

    +

    • true

      +

    • false

      +
    -

    Status code: 400

    -
    Table 7 Response body parameters

    Parameter

    +
    + + + + + + + + + +
    Table 7 Action

    Parameter

    +

    Type

    +

    Description

    +

    category

    +

    String

    +

    Protective action for feature-based anti-crawler rules:

    +

    • log: WAF only logs discovered attacks.

      +

    • block: WAF blocks discovered attacks.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +
    +
    + +
    @@ -426,18 +486,192 @@ - - - +
    Table 8 PolicyExtend

    Parameter

    Type

    error_code

    +

    extend

    String

    Error code

    +

    Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.

    +

    • If deep_decode is set to true, the Deep Inspection is enabled.

      +

    • If check_all_headers is set to true, the Header Inspection is enabled.

      +

    • If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.

      +

    error_msg

    +
    +
    + +
    + + + + + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 9 ModulexOptions

    Parameter

    +

    Type

    +

    Description

    +

    global_rate_enabled

    String

    +

    Boolean

    Error message

    +

    Status of the global rate limiting function (counting requests to all WAF instances when limiting traffic).

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    global_rate_mode

    +

    String

    +

    Protection mode of the global rate limiting function.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_enabled

    +

    Boolean

    +

    Status of the intelligent precise protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    precise_rules_mode

    +

    String

    +

    Protection mode of the intelligent precise protection.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent precise protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent precise protection.

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent precise protection.

    +

    cc_rules_enabled

    +

    Boolean

    +

    Status of the intelligent CC attack protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    cc_rules_mode

    +

    String

    +

    Protection mode of the intelligent CC attack protection rule.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    cc_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent CC attack protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent CC attack protection..

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent CC attack protection.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + @@ -445,26 +679,26 @@

    Status code: 401

    -
    Table 10 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message
    Table 8 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -472,26 +706,26 @@

    Status code: 500

    -
    Table 11 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 9 Response body parameters

    Parameter

    +
    - - - - - - - - diff --git a/docs/wafd/api-ref/DeletePremiumHost.html b/docs/wafd/api-ref/DeletePremiumHost.html index ae79be73..ca699149 100644 --- a/docs/wafd/api-ref/DeletePremiumHost.html +++ b/docs/wafd/api-ref/DeletePremiumHost.html @@ -3,7 +3,7 @@

    Deleting a Domain Name from a Dedicated WAF Instance

    Function

    This API is used to delete a domain name from a dedicated WAF instance.

    -

    URI

    DELETE /v1/{project_id}/premium-waf/host/{host_id}

    +

    URI

    DELETE /v1/{project_id}/premium-waf/host/{host_id}

    Table 12 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -141,9 +141,9 @@ - @@ -151,17 +151,45 @@ - - + + + + - - + + + + + + + + + + + + @@ -184,9 +212,13 @@ - @@ -194,10 +226,40 @@ - + + +
    Table 1 Path Parameters

    Parameter

    Integer

    Domain name access status. The value can be 0 or 1.

    -

    • 0: The domain name has not been added to WAF, and no traffic is routed to the WAF engine.

      -

    • 1: The domain name has been added to WAF, and traffic destined for the domain name has been routed to the WAF engine and the origin server.

      +

    Whether a domain name is connected to WAF.

    +

    • 0: The domain name is not connected to the engine instance.

      +

    • 1: The domain name is connected to the engine instance.

    Flag object

    Special domain name identifier, which is used to store additional domain name configurations.

    +

    Feature switch for configuring compliance certification checks for domain names protected with the dedicated WAF instance.

    hostid

    +

    extend

    +

    Extend object

    +

    This parameter includes some extended information about the protected domain name.

    +

    web_tag

    String

    Domain name ID. This parameter has the same meaning as parameter id and will be deleted.

    +

    website name

    hostId

    +

    description

    +

    String

    +

    website remarks

    +

    timestamp

    +

    Long

    +

    Time a domain name is added to WAF

    +

    region

    +

    String

    +

    region ID

    +

    hostid

    String

    String

    Whether PCI 3DS certification check is enabled for the domain name. Currently, this function is not supported. The default value is false. You can ignore this parameter.

    -

    • true: PCI 3DS check is enabled.

      -

    • false: PCI 3DS check is disenabled.

      +

    Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.

    +

    • true: Enable this check.

      +

    • false: Disable this check.

      +
    +

    Enumeration values:

    +

    • true

      +

    • false

    String

    Whether PCI DDS certification check is enabled for the domain name.

    -

    • true: PCI DDS check is enabled.

      -

    • false: PCI DDS check is disenabled.

      +

    Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.

    +

    • true: Enable this check.

      +

    • false: Disable this check.

    +

    Enumeration values:

    +

    • true

      +

    • false

      +
    +
    +
    + +
    + + + + + + + + + + + @@ -205,26 +267,26 @@

    Status code: 400

    -
    Table 6 Extend

    Parameter

    +

    Type

    +

    Description

    +

    ltsInfo

    +

    String

    +

    Details about LTS configuration

    +

    extend

    +

    String

    +

    Timeout configuration details.
    Table 6 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -232,26 +294,26 @@

    Status code: 401

    -
    Table 7 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 7 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -259,26 +321,26 @@

    Status code: 500

    -
    Table 8 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 8 Response body parameters

    Parameter

    +
    - - - - - - - - diff --git a/docs/wafd/api-ref/DeletePrivacyRule.html b/docs/wafd/api-ref/DeletePrivacyRule.html index 0863c827..577e312e 100644 --- a/docs/wafd/api-ref/DeletePrivacyRule.html +++ b/docs/wafd/api-ref/DeletePrivacyRule.html @@ -3,7 +3,7 @@

    Deleting a Data Masking Rule

    Function

    This API is used to delete a data masking rule.

    -

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}

    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}

    Table 9 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -30,7 +30,7 @@ - - @@ -68,7 +68,7 @@ - @@ -80,9 +80,9 @@
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the data masking rule. It can be obtained by calling the ListPrivacyRules API.

    Content-Type

    Yes

    +

    No

    String

    -

    Response Parameters

    Status code: 400

    +

    Response Parameters

    Status code: 200

    -
    Table 3 Response body parameters

    Parameter

    +
    @@ -90,26 +90,77 @@ - - - - + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Response body parameters

    Parameter

    Type

    error_code

    +

    id

    String

    Error code

    +

    Rule ID

    error_msg

    +

    policyid

    String

    Error message

    +

    Policy ID

    +

    timestamp

    +

    Long

    +

    Time the rule is created. The value is a 13-digit timestamp in ms.

    +

    status

    +

    Integer

    +

    Rule status. The value can be:

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +

    url

    +

    String

    +

    URL protected by the data masking rule

    +

    category

    +

    String

    +

    Masked field

    +

    Enumeration values:

    +

    • params

      +

    • cookie

      +

    • header

      +

    • form

      +
    +

    index

    +

    String

    +

    Name of the masked field

    +

    description

    +

    String

    +

    Rule description
    -

    Status code: 401

    +

    Status code: 400

    -
    Table 4 Response body parameters

    Parameter

    +
    @@ -134,9 +185,9 @@
    Table 4 Response body parameters

    Parameter

    Type
    -

    Status code: 500

    +

    Status code: 401

    -
    -
    Table 5 Response body parameters

    Parameter

    +
    @@ -161,6 +212,33 @@
    Table 5 Response body parameters

    Parameter

    Type
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +

    Example Requests

    DELETE https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}?
    diff --git a/docs/wafd/api-ref/DeletePunishmentRule.html b/docs/wafd/api-ref/DeletePunishmentRule.html new file mode 100644 index 00000000..30d19e09 --- /dev/null +++ b/docs/wafd/api-ref/DeletePunishmentRule.html @@ -0,0 +1,280 @@ + + +

    Deleting a Known Attack Source Rule

    +

    Function

    This API is used to delete a known attack source rule.

    +
    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}

    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    project_id

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    ID of the known attack source rule. It can be obtained by calling the ListPunishmentRules API.

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    auth token

    +

    Content-Type

    +

    No

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID

    +

    policyid

    +

    String

    +

    Policy ID

    +

    block_time

    +

    Integer

    +

    Block duration.

    +

    category

    +

    String

    +

    Type of the know attack source rule.

    +

    Enumeration values:

    +

    • long_ip_block

      +

    • long_cookie_block

      +

    • long_params_block

      +

    • short_ip_block

      +

    • short_cookie_block

      +

    • short_params_block

      +
    +

    description

    +

    String

    +

    Description

    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    DELETE https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}?
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "block_time" : 1233,
+  "category" : "long_ip_block",
+  "description" : "update",
+  "id" : "2c3afdcc982b429da4f72ee483aece3e",
+  "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+  "timestamp" : 1668148186106
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/DeleteValueList.html b/docs/wafd/api-ref/DeleteValueList.html index a08c8d60..604242fb 100644 --- a/docs/wafd/api-ref/DeleteValueList.html +++ b/docs/wafd/api-ref/DeleteValueList.html @@ -3,7 +3,7 @@

    Deleting a Reference Table

    Function

    This API is used to delete a reference table.

    -

    URI

    DELETE /v1/{project_id}/waf/valuelist/{valuelistid}

    +

    URI

    DELETE /v1/{project_id}/waf/valuelist/{table_id}

    @@ -24,7 +24,7 @@ - @@ -205,7 +205,7 @@
    Table 1 Path Parameters

    Parameter

    Project ID

    valuelistid

    +

    table_id

    Yes

    -

    Example Requests

    DELETE https://{Endpoint}/v1/{project_id}/waf/valuelist/{valuelistid}?
    +

    Example Requests

    DELETE https://{Endpoint}/v1/{project_id}/waf/valuelist/{table_id}?

    Example Responses

    Status code: 200

    Request succeeded.

    @@ -214,6 +214,8 @@ "name" : "demo2", "type" : "url", "values" : [ "/demo" ], + "description" : "", + "producer" : 1, "timestamp" : 1656495488880 }
    diff --git a/docs/wafd/api-ref/DeleteWhiteBlackIpRule.html b/docs/wafd/api-ref/DeleteWhiteBlackIpRule.html index fa8a58ad..b5e1eba7 100644 --- a/docs/wafd/api-ref/DeleteWhiteBlackIpRule.html +++ b/docs/wafd/api-ref/DeleteWhiteBlackIpRule.html @@ -3,7 +3,7 @@

    Deleting a Blacklist or Whitelist Rule

    Function

    This API is used to delete an IP address blacklist or whitelist rule.

    -

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}

    +

    URI

    DELETE /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}

    @@ -30,7 +30,7 @@ - - @@ -68,7 +68,7 @@ - @@ -97,6 +97,13 @@ + + + + - + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the blacklist or whitelist rule. It can be obtained by calling the ListWhiteblackipRules API.

    Content-Type

    Yes

    +

    No

    String

    Rule ID

    name

    +

    String

    +

    Rule name.

    +

    policyid

    String

    @@ -132,7 +139,7 @@

    String

    lacklisted or whitelisted IP addresses

    +

    Blacklisted or whitelisted IP addresses

    white

    @@ -146,6 +153,13 @@

    followed_action_id

    +

    String

    +

    ID of the known attack source rule.

    +
    diff --git a/docs/wafd/api-ref/ErrorCode.html b/docs/wafd/api-ref/ErrorCode.html index 65f6bb12..4a663a1f 100644 --- a/docs/wafd/api-ref/ErrorCode.html +++ b/docs/wafd/api-ref/ErrorCode.html @@ -209,7 +209,7 @@

    Inconsistency between project_id and token

    Check Consistency of project_id and token

    +

    Check consistency of project_id and token

    400

    diff --git a/docs/wafd/api-ref/ListAnticrawlerRules.html b/docs/wafd/api-ref/ListAnticrawlerRules.html new file mode 100644 index 00000000..0ee38759 --- /dev/null +++ b/docs/wafd/api-ref/ListAnticrawlerRules.html @@ -0,0 +1,376 @@ + + +

    Querying the JavaScript Anti-Crawler Rule List

    +

    Function

    This API is used to query the list of JavaScript anti-crawler rules.

    +
    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/anticrawler

    + +
    + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    Project ID. To obtain it, go to Cloud management console and hover the cursor over your username. On the displayed window, choose My Credentials. Then, in the Projects area, view Project ID of the corresponding project.

    +

    policy_id

    +

    Yes

    +

    String

    +

    ID of a protection policy. You can specify a protection policy ID to query the rules used in the protection policy. You can obtain the policy ID by calling the ListPolicy API.

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 2 Query Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    enterprise_project_id

    +

    No

    +

    String

    +

    You can obtain the ID by calling the ListEnterpriseProject API of EPS.

    +

    page

    +

    No

    +

    Integer

    +

    Page

    +

    pagesize

    +

    No

    +

    Integer

    +

    Number of records on each page. The maximum value is 2147483647.

    +

    type

    +

    No

    +

    String

    +

    JavaScript anti-crawler rule protection mode

    +

    • anticrawler_except_url: In this mode, all paths are protected except the one specified in the queried anti-crawler rule.

      +

    • anticrawler_specific_url: In this mode, the path specified in the queried rule is protected.

      +
    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 3 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

    +

    Content-Type

    +

    Yes

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    total

    +

    Integer

    +

    The number of anti-crawler rules in the current policy.

    +

    items

    +

    Array of AnticrawlerRule objects

    +

    The list of anti-crawler protection rules.

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 5 AnticrawlerRule

    Parameter

    +

    Type

    +

    Description

    +

    policyid

    +

    String

    +

    Policy ID.

    +

    id

    +

    String

    +

    Rule ID.

    +

    url

    +

    String

    +

    URL to which the rule applies.

    +

    logic

    +

    Integer

    +

    Rule matching logic

    +

    • 1: Include

      +

    • 2: Not include

      +

    • 3: Equal

      +

    • 4: Not equal

      +

    • 5: Prefix is

      +

    • 6: Prefix is not

      +

    • 7: Suffix is

      +

    • 8: Suffix is not

      +
    +

    name

    +

    String

    +

    Rule name.

    +

    type

    +

    String

    +

    JavaScript anti-crawler rule type.

    +

    • anticrawler_specific_url: used to protect a specific path specified by the rule.

      +

    • anticrawler_except_url: used to protect all paths except the one specified by the rule.

      +
    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +

    status

    +

    Integer

    +

    Rule status. The value can be 0 or 1.

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 7 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 8 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/anticrawler?
    +
    +

    Example Responses

    Status code: 200

    +

    ok

    +
    {
+  "total" : 1,
+  "items" : [ {
+    "id" : "fe2b2dd7a25d4170bffa943e72d7b7b8",
+    "policyid" : "200b34c3bca047a69f1cacf965a35a64",
+    "name" : "demo",
+    "timestamp" : 1679883377145,
+    "status" : 1,
+    "url" : "/demo",
+    "logic" : 1,
+    "type" : "anticrawler_except_url"
+  } ]
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    ok

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/ListWhiteblackipRule.html b/docs/wafd/api-ref/ListAntileakageRules.html similarity index 80% rename from docs/wafd/api-ref/ListWhiteblackipRule.html rename to docs/wafd/api-ref/ListAntileakageRules.html index e34540c8..da65eed7 100644 --- a/docs/wafd/api-ref/ListWhiteblackipRule.html +++ b/docs/wafd/api-ref/ListAntileakageRules.html @@ -1,9 +1,9 @@ - + -

    Querying the Blacklist and Whitelist Rule List

    -

    Function

    This API is used to query the list of blacklist and whitelist rules.

    +

    Querying the List of Information Leakage Prevention Rules

    +

    Function

    This API is used to query the list of information leakage prevention rules.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/antileakage

    @@ -30,7 +30,7 @@ - @@ -53,8 +53,7 @@ - - - - - - - @@ -81,7 +70,7 @@

    Request Parameters

    -
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    Integer

    Page.

    -

    Default: 1

    +

    Page

    pagesize

    @@ -63,17 +62,7 @@

    Integer

    Number of records on each page. The maximum value is 100.

    -

    Default: 10

    -

    name

    -

    No

    -

    String

    -

    Rule name, Fuzzy search is supported.

    +

    Number of records on each page. The maximum value is 2147483647.
    Table 3 Request header parameters

    Parameter

    +
    @@ -97,7 +86,7 @@ - - @@ -116,7 +105,7 @@

    Response Parameters

    Status code: 200

    -
    Table 3 Request header parameters

    Parameter

    Mandatory

    String

    User Token

    +

    auth token

    Content-Type

    @@ -106,7 +95,7 @@

    String

    Content type

    +

    Content type.

    Default: application/json;charset=utf8
    Table 4 Response body parameters

    Parameter

    +
    @@ -128,21 +117,21 @@ - - -
    Table 4 Response body parameters

    Parameter

    Type

    Integer

    Number of rules

    +

    The number of information leakage prevention rules

    items

    Array of WhiteBlackIpResponseBody objects

    +

    Array of LeakageListInfo objects

    Rules

    +

    The list of information leakage prevention rules
    -
    Table 5 WhiteBlackIpResponseBody

    Parameter

    +
    @@ -157,18 +146,42 @@ - - + + + + + + + + - - - - - - - - - @@ -211,7 +210,7 @@

    Status code: 400

    -
    Table 5 LeakageListInfo

    Parameter

    Type

    Rule ID

    policyid

    +

    url

    String

    Policy ID.

    +

    URL to which the rule applies.

    +

    category

    +

    String

    +

    Sensitive information type in the information leakage prevention rule.

    +

    • sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.

      +

    • code: The rule blocks response pages of specified HTTP response code.

      +
    +

    Enumeration values:

    +

    • code

      +

    • sensitive

      +
    +

    contents

    +

    Array of strings

    +

    Content corresponding to the sensitive information type. Multiple options can be set.

    +

    • When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.

      +

    • When category is set to sensitive, parameters phone, id_card, and email can be set.

      +

    timestamp

    Long

    Rule creation time

    +

    Timestamp the rule is created.

    description

    @@ -186,23 +199,9 @@

    • 0: The rule is disabled.

    • 1: The rule is enabled.

    -

    addr

    -

    String

    -

    lacklisted or whitelisted IP addresses

    -

    white

    -

    Integer

    -

    Protective action. The value can be:

    -

    • 0: WAF blocks the requests that hit the rule.

      -

    • 1: WAF allows the requests that hit the rule.

      -

    • 2: WAF only logs the requests that hit the rule.

      +

      Enumeration values:

      +

      • 0

        +

      • 1
    Table 6 Response body parameters

    Parameter

    +
    @@ -238,7 +237,7 @@

    Status code: 401

    -
    Table 6 Response body parameters

    Parameter

    Type
    Table 7 Response body parameters

    Parameter

    +
    @@ -265,7 +264,7 @@

    Status code: 500

    -
    Table 7 Response body parameters

    Parameter

    Type
    Table 8 Response body parameters

    Parameter

    +
    @@ -291,25 +290,26 @@
    Table 8 Response body parameters

    Parameter

    Type

    -

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/whiteblackip?
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/antileakage?

    Example Responses

    Status code: 200

    Request succeeded.

    {
   "total" : 1,
   "items" : [ {
-    "id" : "3c96caf769ca4f57814fcf4259ea89a1",
-    "policyid" : "4dddfd44fc89453e9fd9cd6bfdc39db2",
-    "timestamp" : 1650362891844,
+    "id" : "82c4f04f84fd4b2b9ba4b4ea0df8ee82",
+    "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+    "timestamp" : 1668152426471,
     "description" : "demo",
     "status" : 1,
-    "addr" : "x.x.x.x",
-    "white" : 0
+    "url" : "/attack",
+    "category" : "sensitive",
+    "contents" : [ "id_card" ]
   } ]
 }

    Status Codes

    -

    Status Code

    +
    diff --git a/docs/wafd/api-ref/ListAntitamperRules.html b/docs/wafd/api-ref/ListAntitamperRules.html index 50f484a5..1158829e 100644 --- a/docs/wafd/api-ref/ListAntitamperRules.html +++ b/docs/wafd/api-ref/ListAntitamperRules.html @@ -1,9 +1,9 @@

    Querying the List of Web Tamper Protection Rules

    -

    Function

    This api is used to query the list of web tamper protection rules.

    +

    Function

    This API is used to query the list of web tamper protection rules.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/antitamper

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/antitamper

    Status Code

    Description
    @@ -21,7 +21,7 @@ - - @@ -63,7 +63,7 @@ - @@ -183,7 +183,7 @@ -
    Table 1 Path Parameters

    Parameter

    String

    Prroject ID

    +

    Project ID

    policy_id

    @@ -30,7 +30,7 @@

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    Integer

    Number of records on each page. The maximum value is 100.

    +

    Number of records on each page. The maximum value is 2147483647.

    Default: 10

    String

    Domain name protected by the web tamper protection rule

    +

    The domain name of the website protected with the web tamper protection rule. The domain name is in the format of xxx.xxx.com, such as www.example.com.

    url

    diff --git a/docs/wafd/api-ref/ListBandwidthTimeline.html b/docs/wafd/api-ref/ListBandwidthTimeline.html index e0acea3b..65136390 100644 --- a/docs/wafd/api-ref/ListBandwidthTimeline.html +++ b/docs/wafd/api-ref/ListBandwidthTimeline.html @@ -3,7 +3,7 @@

    Querying Bandwidth Usage Statistics

    Function

    This API is used to query bandwidth usage statistics.

    -

    URI

    GET /v1/{project_id}/waf/overviews/bandwidth/timeline

    +

    URI

    GET /v1/{project_id}/waf/overviews/bandwidth/timeline

    @@ -71,7 +71,7 @@ - - diff --git a/docs/wafd/api-ref/ListCcRules.html b/docs/wafd/api-ref/ListCcRules.html index ff7c4d23..36b675fc 100644 --- a/docs/wafd/api-ref/ListCcRules.html +++ b/docs/wafd/api-ref/ListCcRules.html @@ -3,7 +3,7 @@

    Querying CC Attack Protection Rules

    Function

    This API is used to query the list of CC attack protection rules.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/cc

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/cc

    Table 1 Path Parameters

    Parameter

    String

    List of instance to query (only for the instantiation mode).

    +

    This parameter is used to query the bandwidth of the protected domain name protected by a specific dedicated WAF engine instance.

    group_by

    @@ -80,7 +80,12 @@

    String

    Display dimension. For example, the value is DAY if data is displayed by the day.

    +

    Data aggregation interval. If this parameter is not specified, data is displayed by a time range calculated based on parameters from and to.

    +

    • If the time range between from and to is fewer than or equal to 1 day, the interval is one minute.

      +

    • If the time range between from and to is greater than 1 day but fewer than or equal to 3 days, the interval is 5 minutes.

      +

    • If the time range between from and to is greater than 3 days but fewer than or equal 7 days, the interval is 10 minutes.

      +

    • If the time range between from and to is greater than 7 days but fewer than or equal to 30 days, the interval is 1 hour.

      +
    @@ -30,7 +30,7 @@ - @@ -63,8 +63,7 @@ - @@ -93,7 +92,7 @@ - @@ -169,7 +168,7 @@ - - - - - - - - - - - - - - - - - @@ -224,6 +191,82 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - - - - - + + + + + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID. It can be obtained by calling the API Querying Protection Policies.

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    Integer

    Number of records on each page. The maximum value is 100. Default value: 10

    -

    Default: 10

    +

    Number of records on each page. The maximum value is 2147483647.

    Content-Type

    Yes

    +

    No

    String

    Boolean

    Whether a prefix is used for the path. If the protected URL ends with an asterisk (*), a path prefix is used.

    +

    Whether a prefix is used for the path. If the protected URL ends with an asterisk (*), a path prefix is used. When the value of mode is 0, this parameter has a return value.

    mode

    @@ -178,39 +177,7 @@

    Mode.

    • 0: Standard.

      -

    • 1: Advanced

      -
    -

    limit_num

    -

    String

    -

    Number of requests allowed from a web visitor in a rate limiting period

    -

    limit_period

    -

    String

    -

    Rate limiting period

    -

    lock_time

    -

    String

    -

    How long a web visitor will be locked The value range is [0 to 2^32), in seconds.

    -

    tag_type

    -

    String

    -

    Protection mode.

    -

    • ip: IP-based rate limiting. Website visitors are identified by IP address.

      -

    • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

      -

    • other: Website visitors are identified by the Referer field (user-defined request source).

      +

    • 1: Advanced.

    conditions

    +

    Array of CcCondition objects

    +

    Rate limit conditions of the CC protection rule. This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1).

    +

    action

    +

    action object

    +

    Protection action to take if the number of requests reaches the upper limit.

    +

    tag_type

    +

    String

    +

    Rate limit mode.

    +

    • ip: IP-based rate limiting. Website visitors are identified by IP address.

      +

    • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

      +

    • other: Website visitors are identified by the Referer field (user-defined request source).

      +
    +

    Enumeration values:

    +

    • ip

      +

    • other

      +

    • cookie

      +

    • header

      +
    +

    tag_index

    +

    String

    +

    User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).

    +

    • cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.

      +

    • header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.

      +
    +

    tag_condition

    +

    tag_condition object

    +

    User tag. This parameter is mandatory when the rate limit mode is set to other. -other: A website visitor is identified by the Referer field (user-defined request source).

    +

    limit_num

    +

    Integer

    +

    Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647.

    +

    limit_period

    +

    Integer

    +

    Rate limit period, in seconds. The value ranges from 1 to 3,600.

    +

    unlock_num

    +

    Integer

    +

    Allowable frequency based on the number of requests. The value ranges from 0 to 2,147,483,647. This parameter is required only when the protection action type is dynamic_block.

    +

    lock_time

    +

    Integer

    +

    Block duration, in seconds. The value ranges from 0 to 65,535. Access requests are blocked during the configured block duration, and an error page is displayed.

    +

    description

    String

    @@ -231,18 +274,32 @@

    Rule description

    action

    +

    total_num

    action object

    +

    Integer

    Action to take if the number of requests reaches the upper limit.

    +

    This parameter is reserved and can be ignored currently.

    conditions

    +

    unaggregation

    Array of conditions objects

    +

    Boolean

    Condition list. This parameter is returned when mode is set to 1.

    +

    This parameter is reserved and can be ignored currently.

    +

    aging_time

    +

    Integer

    +

    Rule aging time. This parameter is reserved and can be ignored currently.

    +

    producer

    +

    Integer

    +

    Rule creation object. This parameter is reserved and can be ignored currently.

    timestamp

    @@ -256,7 +313,7 @@
    -
    Table 6 action

    Parameter

    +
    @@ -268,28 +325,77 @@ - - - + + + + + + + + + + + +
    Table 6 CcCondition

    Parameter

    Type

    String

    Action type:

    -

    • block: WAF blocks discovered attacks.

      -

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      -

    • If tag_type is set to other, the value can only be block.

      +

    Field type. The value can be url, ip, params, cookie, or header.

    +

    Enumeration values:

    +

    • url

      +

    • ip

      +

    • params

      +

    • cookie

      +

    • header

    detail

    +

    logic_operation

    String

    Action details. If detail is null, the default block page is displayed by default.

    -

    • This parameter cannot be included when category is set to captcha.

      -

    • This parameter is required when category is set to block.

      +

    Logic for matching the condition.

    +

    • If the category is url, the optional operations are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal and len_not_equal

      +

    • If the category is ip, the optional operations are: equal, not_equal, , equal_any and not_equal_all

      +

    • If the category is params, cookie and header, the optional operations are: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal, len_not_equal, num_greater, num_less, num_equal, num_not_equal, exist and not_exist

    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +
    +

    contents

    +

    Array of strings

    +

    Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all.

    +

    value_list_id

    +

    String

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type.

    +

    index

    +

    String

    +

    Subfield. When category is set to params, cookie, or header, set this parameter based on site requirements. This parameter is mandatory.
    -
    Table 7 detail

    Parameter

    +
    @@ -297,18 +403,39 @@ - - - + + + +
    Table 7 action

    Parameter

    Type

    response

    +

    category

    response object

    +

    String

    Returned page

    +

    Action type:

    +

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      +

    • block: WAF blocks the requests. When tag_type is set to other, the value can only be block.

      +

    • log: WAF logs the event only.

      +

    • dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.

      +
    +

    Enumeration values:

    +

    • captcha

      +

    • block

      +

    • log

      +

    • dynamic_block

      +
    +

    detail

    +

    detail object

    +

    Block page information. When protection action category is set to block or dynamic_block, you need to set the returned block page.

    +

    • If you want to use the default block page, this parameter can be excluded.

      +

    • If you want to use a custom block page, set this parameter.

      +
    -
    Table 8 response

    Parameter

    +
    @@ -316,25 +443,18 @@ - - - - - - -
    Table 8 detail

    Parameter

    Type

    content_type

    +

    response

    String

    +

    response object

    Content type. The value can only be application/json, text/html, or text/xml.

    -

    content

    -

    String

    -

    Contents

    +

    Block Page
    -
    Table 9 conditions

    Parameter

    +
    @@ -342,39 +462,49 @@ - - - - - - - - - +
    Table 9 response

    Parameter

    Type

    category

    +

    content_type

    String

    Field type. The options are as follows: ip, cookie, and url

    -

    index

    -

    String

    -

    Parameter description:

    -

    • When the field type is ip or url, the index parameter is not required.

      -

    • When the field type is cookie and the subfield is customized, the value of index is the customized subfield.

      +

    Content type. The value can only be application/json, text/html, or text/xml.

    +

    Enumeration values:

    +

    • application/json

      +

    • text/html

      +

    • text/xml

    logic_operation

    +

    content

    String

    Condition matching logic. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, equal_any, and not_equal_any, contain_any, and not_contain_any.

    -

    • When the field type is url, the following matching logics are supported: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix.

      -

    • When the field type is ip, the following matching logics are supported: equal, not_equal, equal_any, and not_equal_any.

      -

    • When category is set to cookie, the following matching logics are supported: contain, not_contain, equal, not_equal. prefix, not_prefix, suffix, not_suffix, contain_any, and not_contain_any.

      -
    +

    Block page information.

    contents

    +
    +
    + +
    + + + + + - - + + + + @@ -382,26 +512,26 @@

    Status code: 400

    -
    Table 10 tag_condition

    Parameter

    +

    Type

    +

    Description

    +

    category

    Array of strings

    +

    String

    Content of the conditions.

    +

    User identifier. The value is fixed at referer.

    +

    contents

    +

    Array of strings

    +

    Content of the user identifier field.
    Table 10 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -409,26 +539,26 @@

    Status code: 401

    -
    Table 11 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 11 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -436,33 +566,45 @@

    Status code: 500

    -
    Table 12 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    - + + + + @@ -391,7 +451,9 @@ "priority" : 50, "status" : 1, "time" : false, - "timestamp" : 1656495488880 + "timestamp" : 1656495488880, + "aging_time" : 0, + "producer" : 1 } ], "total" : 1 } diff --git a/docs/wafd/api-ref/ListEvent.html b/docs/wafd/api-ref/ListEvent.html index 2de508ba..88e37f3f 100644 --- a/docs/wafd/api-ref/ListEvent.html +++ b/docs/wafd/api-ref/ListEvent.html @@ -1,9 +1,9 @@

    Querying the List of Attack Events

    -

    Function

    This API is used to query the list of attack events for a specific period. It cannot be used to query all attack events. The pagesize parameter cannot be set to -1.

    +

    Function

    This API is used to query the list of attack events for a specific period.

    -

    URI

    GET /v1/{project_id}/waf/event

    +

    URI

    GET /v1/{project_id}/waf/event

    Table 12 Response body parameters

    Parameter

    +
    - - - - - - - -
    Table 13 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    -

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/cc?
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/cc?
+
+{
+  "description" : "",
+  "tag_type" : "ip",
+  "limit_num" : 10,
+  "limit_period" : 1,
+  "action" : {
+    "category" : "captcha"
+  },
+  "mode" : 0,
+  "url" : "/demo"
+}

    Example Responses

    Status code: 200

    Request succeeded.

    diff --git a/docs/wafd/api-ref/ListCertificates.html b/docs/wafd/api-ref/ListCertificates.html index 4f736204..f97ba1e7 100644 --- a/docs/wafd/api-ref/ListCertificates.html +++ b/docs/wafd/api-ref/ListCertificates.html @@ -3,7 +3,7 @@

    Querying the Certificate List

    Function

    This API is used to query the certificate list.

    -

    URI

    GET /v1/{project_id}/waf/certificate

    +

    URI

    GET /v1/{project_id}/waf/certificate

    @@ -181,18 +181,32 @@ + + + + + + + + - - - @@ -331,7 +345,7 @@
    Table 1 Path Parameters

    Parameter

    Certificate name

    certificateid

    +

    String

    +

    Certificate ID, which is a redundant parameter. Please ignore it.

    +

    certificatename

    +

    String

    +

    Certificate name, which is a redundant parameter. Please ignore it.

    +

    expire_time

    Long

    Timestamp when the certificate expire

    +

    Timestamp when the certificate expire. This parameter is returned in the response body only when the value of host in the URL request is true.

    exp_status

    Integer

    Certificate expiration status. The value can be:

    +

    Certificate expiration status. This parameter is returned in the response body only when the value of host in the URL request is true. The value can be:

    • 0: The certificate is valid.

    • 1: The certificate has expired.

    • 2: The certificate is about to expire.

      @@ -210,7 +224,7 @@

    Array of BindHost objects

    Domain name associated with the certificate

    +

    Domain name associated with the certificate. This parameter is returned in the response body only when the value of host in the URL request is true.
    -

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/certificate?
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/certificate?page=1&pagesize=10&host=true&enterprise_project_id=0

    Example Responses

    Status code: 200

    Request succeeded.

    diff --git a/docs/wafd/api-ref/ListCustomRules.html b/docs/wafd/api-ref/ListCustomRules.html index ae417c40..4a51cc4d 100644 --- a/docs/wafd/api-ref/ListCustomRules.html +++ b/docs/wafd/api-ref/ListCustomRules.html @@ -3,7 +3,7 @@

    Querying Precise Protection Rules

    Function

    This API is used to query the list of precise protection rules.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/custom

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/custom

    @@ -30,7 +30,7 @@ - @@ -63,8 +63,7 @@ - @@ -124,7 +123,7 @@ - @@ -133,7 +132,7 @@
    Table 1 Path Parameters

    Parameter

    String

    Policy ID. It can be obtained by calling the API Querying Protection Policies.

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    Integer

    Number of records on each page. The maximum value is 100.

    -

    Default: 10

    +

    Number of records on each page. The maximum value is 2147483647.

    items

    Array of objects

    +

    Array of CustomRuleBody objects

    Array of custom rules

    -
    @@ -254,7 +267,34 @@ - + + + +
    Table 5 CustomRuleBody

    Parameter

    +
    @@ -159,7 +158,7 @@ - - - - - + + + + + + + + + + + +
    Table 5 CustomRuleBody

    Parameter

    Type

    String

    Rule description

    +

    Rule description.

    status

    @@ -186,13 +185,6 @@

    Protective action of the precise protection rule.

    action_mode

    -

    Boolean

    -

    This parameter is reserved and can be ignored.

    -

    priority

    Integer

    @@ -221,6 +213,27 @@

    Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.

    action_mode

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    +

    aging_time

    +

    Integer

    +

    Rule aging time. This parameter is reserved and can be ignored currently.

    +

    producer

    +

    Integer

    +

    Rule creation object. This parameter is reserved and can be ignored currently.

    +
    @@ -246,7 +259,7 @@

    Subfield

    • When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.

      -

    • If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

      +

    • When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

    String

    Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.

    +

    Logic for matching the condition.

    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • len_greater

      +

    • len_less

      +

    • len_equal

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +

    contents

    @@ -264,6 +304,13 @@

    Content of the conditions.

    value_list_id

    +

    String

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is available only when a reference table is used when a protection rule is created.

    +
    @@ -280,10 +327,23 @@

    String

    Action type.

    -

    • block: WAF blocks attacks.

      -

    • pass: WAF allows requests.

      +

    Operation type

    +

    • block: WAF blocks attacks.

      +

    • pass: WAF allows requests.

      +

    • log: WAF only logs detected attacks.

    +

    Enumeration values:

    +

    • block

      +

    • pass

      +

    • log

      +
    +

    followed_action_id

    +

    String

    +

    ID of a known attack source rule. This parameter can be configured only when category is set to block.
    @@ -227,12 +227,12 @@

  • rfi: Remote file inclusion

  • webshell: Website Trojans

  • cc: CC attacks

    -

  • custom_custom: Precise protection

    -

  • custom_whiteblackip: IP address blacklist and whitelist

    -

  • custom_geoip: Geolocation access control

    -

  • antitamper: Web tamper protection

    -

  • anticrawler: Anti-crawler protection

    -

  • leakage: Data leakage prevention

    +

  • custom_custom: attack protected by the precise protection rules

    +

  • custom_whiteblackip: attack protected by the blacklist and whitelist protection rule

    +

  • custom_geoip: attack protected by the geolocation access control protection rule

    +

  • antitamper: attack protected by the web tamper protection rules

    +

  • anticrawler: attack protected by the anti-crawler protection rules

    +

  • leakage: attack protected by the information leakage protection rule

  • illegal: Illegal requests

  • vuln: Other attack types

    • @@ -336,6 +336,13 @@ + + + +
    Table 1 Path Parameters

    Parameter

    Response body content.

    request_body

    +

    String

    +

    Request body

    +
    diff --git a/docs/wafd/api-ref/ListGeoipRule.html b/docs/wafd/api-ref/ListGeoipRules.html similarity index 81% rename from docs/wafd/api-ref/ListGeoipRule.html rename to docs/wafd/api-ref/ListGeoipRules.html index c74919c5..c1be0244 100644 --- a/docs/wafd/api-ref/ListGeoipRule.html +++ b/docs/wafd/api-ref/ListGeoipRules.html @@ -1,9 +1,9 @@ - +

    Querying the List of Geolocation Access Control Rules

    Function

    This API is used to query the list of geolocation access control rules.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/geoip

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/geoip

    @@ -30,7 +30,7 @@ - @@ -63,7 +63,7 @@ - @@ -72,7 +72,7 @@

    Request Parameters

    -
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    Integer

    Number of records on each page. The maximum value is 100.

    +

    Number of records on each page. The maximum value is 2147483647.

    Default: 10
    Table 3 Request header parameters

    Parameter

    +
    @@ -107,7 +107,7 @@

    Response Parameters

    Status code: 200

    -
    Table 3 Request header parameters

    Parameter

    Mandatory
    Table 4 Response body parameters

    Parameter

    +
    @@ -124,7 +124,7 @@ - @@ -133,7 +133,7 @@
    Table 4 Response body parameters

    Parameter

    Type

    items

    Array of GeOIpItem objects

    +

    Array of GeOIpItem objects

    List of the restricted geographical locations

    -
    Table 5 GeOIpItem

    Parameter

    +
    @@ -155,6 +155,20 @@ + + + + + + + + @@ -224,7 +239,7 @@

    Status code: 400

    -
    Table 5 GeOIpItem

    Parameter

    Type

    Policy ID

    name

    +

    String

    +

    Rule name. Currently, the console does not support configuring names for geolocation access control rule. Ignore this parameter.

    +

    geoTagList

    +

    Array of strings

    +

    List of geographical locations hit the geolocation access control rule.

    +

    geoip

    String

    @@ -181,6 +195,7 @@

  • South Africa: South Africa

  • Mexico: Mexico

  • Peru: Peru

    +

  • For more geographical location codes, see "Appendix - Geographic Location Codes."

    		•
    Table 6 Response body parameters

    Parameter

    +
    @@ -251,7 +266,7 @@

    Status code: 401

    -
    Table 6 Response body parameters

    Parameter

    Type
    Table 7 Response body parameters

    Parameter

    +
    @@ -278,7 +293,7 @@

    Status code: 500

    -
    Table 7 Response body parameters

    Parameter

    Type
    Table 8 Response body parameters

    Parameter

    +
    @@ -315,6 +330,7 @@ "policyid" : "2abeeecefb9840e6bf05efbd80d0fcd7", "timestamp" : 1636340038062, "status" : 1, + "geoTagList" : [ "BR" ], "geoip" : "BR", "white" : 1, "name" : "demo" @@ -322,7 +338,7 @@ }

    Status Codes

    -
    Table 8 Response body parameters

    Parameter

    Type

    Status Code

    +
    diff --git a/docs/wafd/api-ref/ListIgnoreRules.html b/docs/wafd/api-ref/ListIgnoreRules.html index 9f1eaea0..e048fcb9 100644 --- a/docs/wafd/api-ref/ListIgnoreRules.html +++ b/docs/wafd/api-ref/ListIgnoreRules.html @@ -3,7 +3,7 @@

    Querying the False Alarm Masking Rule List

    Function

    This API is used to query the list of false alarm masking rules.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/ignore

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/ignore

    Status Code

    Description
    @@ -63,7 +63,7 @@ - @@ -119,14 +119,14 @@ - - @@ -145,96 +145,85 @@ - - - - - - - - - - - - - - + + + + - - -
    Table 1 Path Parameters

    Parameter

    Integer

    Number of records on each page. The maximum value is 100.

    +

    Number of records on each page. The maximum value is 2147483647.

    Default: 10

    Integer

    Number of rules in the policy

    +

    The number of global protection whitelist (formerly false alarm masking) rules in the protection policy.

    items

    Array of IgnoreRuleBody objects

    Array of false alarm masking rules

    +

    Domain names the global protection whitelist (formerly false alarm masking) rule is used for.

    String

    Rule ID.

    +

    Rule ID

    policyid

    String

    Policy ID.

    +

    ID of the protection policy that includes the rule

    timestamp

    Long

    Rule creation time.

    +

    Timestamp the rule was created.

    description

    String

    Provides supplementary information about the assignment.

    +

    Rule description

    status

    Integer

    Rule status. The value can be:

    -

    • 0: The rule is disabled.

      -

    • 1: The rule is enabled.

      +

    Rule status. The value can be 0 or 1.

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

    url

    -

    String

    -

    URL protected by the web tamper protection rule. The value must be in the standard URL format, for example, /admin.

    -

    rule

    String

    Masked rule. The value can be the ID of a rule that is matched, all rules (all), or enumeration value of the attack type. To mask a built-in rule included in Basic Web Protection, set this parameter to the ID of the rule. To obtain the rule ID, go to the WAF console. Then, choose Policies and click the policy name. On the displayed page, find the Basic Web Protection area and click Advanced Settings. On the displayed page, click Protection Rule and view the rule ID. To disable a certain type of rule, the value can be:

    -

    • xss or sqli: XSS attacks

      -

    • cmdi: Command injectionrobot: Malicious crawlers

      -

    • lfi: Local file inclusion

      -

    • rfi: Remote file inclusionwebshell: Website Trojans

      -

    • cc: CC attacks -custom_custom: Precise protection

      -

    • custom_whiteblackip: IP address blacklist and whitelist

      -

    • custom_geoip: Geolocation access control

      -

    • antitamper: Web tamper protection

      -

    • anticrawler: Anti-crawler protection

      -

    • leakage: Data leakage prevention

      -

    • illegal: Illegal requests

      -

    • vuln: Other attack types

      +

    Items to be masked. You can provide multiple items and separate them with semicolons (;).

    +

    • If you want to disable a specific built-in rule for a domain name, the value of this parameter is the rule ID. When requests are blocked against a certain built-in rule while you do not want this rule to block requests later, you can query the rule in the Events page on the console and find its rule ID in the Hit Rule column. Then, you can disk the rule by its ID (including 6 digits).

      +

    • If you want to mask a type of basic web protection rules, set this parameter to the name of the type of basic web protection rules. xss: XSS attacks webshell: Web shells vuln: Other types of attacks sqli: SQL injection attack robot: Malicious crawlers rfi: Remote file inclusion lfi: Local file inclusion cmdi: Command injection attack

      +

    • To bypass the basic web protection, set this parameter to all.

      +

    • To bypass all WAF protection, set this parameter to bypass.

    url_logic

    +

    mode

    String

    +

    Integer

    URL match logic:

    -

    • equal: full match

      -

    • prefix: prefix match

      -
    +

    The value is fixed at 1, indicating v2 false alarm masking rules.

    domains

    +

    conditions

    +

    Array of Condition objects

    +

    Condition list

    +

    domain

    Array of strings

    Protected domain name

    +

    Protecting Domain Names or Protecting Websites

    advanced

    advanced object

    +

    Array of Advanced objects

    advanced

    +

    Advanced settings
    -
    Table 6 advanced

    Parameter

    +
    @@ -242,24 +231,68 @@ - - + + + + + + + + + + + + + + + + + + +
    Table 6 Condition

    Parameter

    Type

    index

    +

    category

    String

    To ignore attacks of a specified field, specify the field in the Advanced Settings area. After you complete the configuration, WAF will stop intercepting attack events of the specified field. The following fields are supported:

    -

    • cookie: session cookie

      -

    • header: header field

      -

    • body: body field

      -

    • multipart: multipart/form-data type data

      -

    • params: parameter

      +

    Field type. The value can be ip, url, params, cookie, or header.

    +

    contents

    +

    Array of strings

    +

    Content. The array length must be 1. The content format varies depending on field types. For example, if the field type is ip, the value must be an IP address or IP address range. If the field type is url, the value must be a URL in standard format. If the field type is params, cookie, or header, the content format is not limited.

    +

    logic_operation

    +

    String

    +

    The matching logic varies depending on the field type. For example, if the field type is ip, the logic can be equal or not_equal. If the field type is url, params, cookie, or header, the logic can be equal, not_equal, contain, not_contain, prefix, not_prefix, suffix, not_suffix.

    +

    check_all_indexes_logic

    +

    Integer

    +

    This parameter is reserved and can be ignored.

    +

    index

    +

    String

    +

    If the field type is ip and the subfield is the client IP address, the index parameter does not exist. If the subfield type is X-Forwarded-For, the value is x-forwarded-for. If the field type is params, header, or cookie, and the subfield is user-defined, the value of index is the user-defined subfield.

    +
    +
    + +
    + + + + + + + - - - @@ -267,26 +300,26 @@

    Status code: 400

    -
    Table 7 Advanced

    Parameter

    +

    Type

    +

    Description

    +

    index

    +

    String

    +

    Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.

    +

    • When you select Params, Cookie, or Header, you can set this parameter to all or configure subfields as required.

      +

    • When you select Body or Multipart, set this parameter to all.

    content

    +

    contents

    String

    +

    Array of strings

    Specified field (available only for param, cookie, and header)

    +

    Subfield of the specified field type. The default value is all.
    Table 7 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -294,26 +327,26 @@

    Status code: 401

    -
    Table 8 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 8 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -321,26 +354,26 @@

    Status code: 500

    -
    Table 9 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 9 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -350,19 +383,23 @@

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/ignore?

    Example Responses

    Status code: 200

    -

    Request succeeded.

    +

    OK

    {
   "total" : 1,
   "items" : [ {
-    "id" : "c20f67b3e1c040c0b0d8866e568ee8bf",
-    "policyid" : "a75e96d8284c4c4f98ada7d391e8342c",
-    "timestamp" : 1656507126528,
-    "description" : "",
+    "id" : "40484384970948d79fffe4e4ae1fc54d",
+    "policyid" : "f385eceedf7c4c34a4d1def19eafbe85",
+    "timestamp" : 1650512535222,
+    "description" : "demo",
     "status" : 1,
-    "rule" : "webshell",
-    "url_logic" : "equal",
-    "url" : "/demo",
-    "domain" : [ "test3.th.com" ]
+    "rule" : "091004",
+    "mode" : 1,
+    "conditions" : [ {
+      "category" : "ip",
+      "contents" : [ "x.x.x.x" ],
+      "logic_operation" : "equal"
+    } ],
+    "domain" : [ "www.example.com" ]
   } ]
 }
    @@ -375,7 +412,7 @@ - - - - - - @@ -339,7 +343,7 @@ - + + + + - + + + + - - - @@ -482,9 +510,31 @@
    Table 10 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message

    200

    Request succeeded.

    +

    OK

    400

    diff --git a/docs/wafd/api-ref/ListInstance.html b/docs/wafd/api-ref/ListInstance.html index 4adeff6c..690a82b6 100644 --- a/docs/wafd/api-ref/ListInstance.html +++ b/docs/wafd/api-ref/ListInstance.html @@ -3,7 +3,7 @@

    Querying the List of Dedicated WAF Engines

    Function

    This API is used to query the list of dedicated WAF engines.

    -

    URI

    GET /v1/{project_id}/premium-waf/instance

    +

    URI

    GET /v1/{project_id}/premium-waf/instance

    @@ -82,7 +82,7 @@ - @@ -124,7 +124,7 @@ - - - - + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    X-Auth-Token

    No

    +

    Yes

    String

    Boolean

    Whether any dedicated engine has been created. The value can be false or true.

    +

    Whether any dedicated engine has been created. This parameter is reserved and can be ignored currently. The value can be false or true.

    • false: No dedicated WAF engine has been created.

    • true: At least one dedicated WAF engine has been created.

    @@ -241,7 +241,7 @@

    Integer

    unning status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).

    +

    Running status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).

    access_status

    @@ -258,7 +258,10 @@

    Integer

    Whether the dedicated engine can be upgraded. The value can be 0 for no or 1 for yes.

    +

    Whether the dedicated engine can be upgraded.

    +

    • 0: the dedicated engine is non-upgradable

      +

    • 1: the dedicated engine is upgradable

      +

    cloudServiceType

    @@ -286,7 +289,7 @@

    String

    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB.

    +

    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB. 8vCPUs | 16GB maps to waf.instance.enterprise, and 2vCPUs | 4GB to waf.instance. professional.

    hosts

    @@ -310,6 +313,27 @@

    ID of the ECS hosting the dedicated engine. This parameter is the same as server_id, and will be deleted.

    create_time

    +

    Long

    +

    Timestamp when the dedicated WAF engine was created.

    +

    data_volume_size

    +

    Integer

    +

    Size of the data disk, in GB.

    +

    res_tenant_type

    +

    Integer

    +

    Type of the dedicated WAF instance. Its value is always 1, which means the type of the dedicated WAF instance is Network Interface.

    +
    @@ -453,7 +477,8 @@ "hostname" : "demo.www.com" } ], "instancename" : "0412elb", - "instance_name" : "0412elb" + "instance_name" : "0412elb", + "create_time" : 1649217360674 } ] }
    diff --git a/docs/wafd/api-ref/ListPolicy.html b/docs/wafd/api-ref/ListPolicy.html index 585200a9..ec60472f 100644 --- a/docs/wafd/api-ref/ListPolicy.html +++ b/docs/wafd/api-ref/ListPolicy.html @@ -3,7 +3,7 @@

    Querying Protection Policies

    Function

    This API is used to query the list of protection policies.

    -

    URI

    GET /v1/{project_id}/waf/policy

    +

    URI

    GET /v1/{project_id}/waf/policy

    @@ -196,13 +196,34 @@ - + + + + + + + + + + + + - - - -
    Table 1 Path Parameters

    Parameter

    Array of protected domain names for which the policy is used. Each policy can be used to one or more domain names. You can specify a policy for a domain name when you add the domain name to WAF by calling the API Adding a Protected Domain Name.

    host

    +

    hosts

    Array of strings

    Array of IDs of protected domain names. The ID of a protected domain name is unique and generated by WAF when you add the domain name to WAF. To obtain the IDs, call the API Querying Domain Names Protected by Dedicated WAF Engines. To add a domain name to WAF, call the API Adding a Protected Domain Name.

    extend

    +

    PolicyExtend object

    +

    Switch for enabling or disabling Deep Inspection and Header Inspection in Basic Web Protection.

    +

    share_info

    +

    ShareInfo object

    +

    Whether to share a policy. This parameter is reserved and can be ignored currently.

    +

    modulex_options

    +

    ModulexOptions object

    +

    Whether to enable intelligent CC protection. This parameter is reserved and can be ignored currently.

    +

    timestamp

    Long

    @@ -210,13 +231,6 @@

    Time the policy is created. The value is a 13-digit timestamp, in ms.

    extend

    -

    Map<String,String>

    -

    This parameter is redundant in this version. It will be used in the later versions.

    -
    @@ -279,19 +293,9 @@

    Boolean

    Whether anti-crawler protection is enabled. Anti-crawler protection includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    -

    • true: enabled

      -

    • false: disabled

      -
    -

    crawler

    -

    Boolean

    -

    Whether feature-based anti-crawler is enabled. This parameter is fixed at true.

    -

    • true: enabled

      -

    • false: disabled

      +

    JavaScript anti-crawler function.

    +

    • true: Enabled

      +

    • false: Disabled

    Boolean

    Whether other crawler check is enabled. The value can be:

    +

    Whether webshell check is enabled. The value can be:

    • true: enabled

    • false: disabled

    @@ -425,25 +429,49 @@

    followed_action

    +

    Boolean

    +

    Whether the Known Attack Source protection is enabled.. The value can be:

    +

    • true: enabled

      +

    • false: disabled

      +
    +

    bot_enable

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    Feature-based anti-crawler. This feature includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    +

    • true: Enabled

      +

    • false: Disabled

      +
    +

    crawler

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    precise

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    followed_action

    +

    modulex_enabled

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    +

    Enumeration values:

    +

    • true

      +

    • false

      +
    -

    Status code: 400

    -
    Table 9 Response body parameters

    Parameter

    +
    + + + + + + + + + +
    Table 9 PolicyExtend

    Parameter

    +

    Type

    +

    Description

    +

    extend

    +

    String

    +

    Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.

    +

    • If deep_decode is set to true, the Deep Inspection is enabled.

      +

    • If check_all_headers is set to true, the Header Inspection is enabled.

      +

    • If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.

      +
    +
    +
    + +
    @@ -492,18 +542,202 @@ - - - - - - + + + + + + +
    Table 10 ShareInfo

    Parameter

    Type

    error_code

    +

    share_count

    String

    +

    Integer

    Error code

    +

    Total number of the users who share the address group.

    error_msg

    +

    accept_count

    String

    +

    Integer

    Error message

    +

    Number of users who accept the sharing

    +

    process_status

    +

    Integer

    +

    Status

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 11 ModulexOptions

    Parameter

    +

    Type

    +

    Description

    +

    global_rate_enabled

    +

    Boolean

    +

    Status of the global rate limiting function (counting requests to all WAF instances when limiting traffic).

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    global_rate_mode

    +

    String

    +

    Protection mode of the global rate limiting function.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_enabled

    +

    Boolean

    +

    Status of the intelligent precise protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    precise_rules_mode

    +

    String

    +

    Protection mode of the intelligent precise protection.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent precise protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent precise protection.

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent precise protection.

    +

    cc_rules_enabled

    +

    Boolean

    +

    Status of the intelligent CC attack protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    cc_rules_mode

    +

    String

    +

    Protection mode of the intelligent CC attack protection rule.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    cc_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent CC attack protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent CC attack protection..

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent CC attack protection.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + @@ -511,26 +745,26 @@

    Status code: 401

    -
    Table 12 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message
    Table 10 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -538,26 +772,26 @@

    Status code: 500

    -
    Table 13 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 11 Response body parameters

    Parameter

    +
    - - - - - - - - diff --git a/docs/wafd/api-ref/ListPremiumHost.html b/docs/wafd/api-ref/ListPremiumHost.html index 2824b6c8..04740b5f 100644 --- a/docs/wafd/api-ref/ListPremiumHost.html +++ b/docs/wafd/api-ref/ListPremiumHost.html @@ -1,9 +1,9 @@

    Querying Domain Names Protected by Dedicated WAF Engines

    -

    Function

    Querying Domain Names Protected by Dedicated WAF Engines

    +

    Function

    This API is used to query domain names protected by dedicated WAF engines.

    -

    URI

    GET /v1/{project_id}/premium-waf/host

    +

    URI

    GET /v1/{project_id}/premium-waf/host

    Table 14 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -209,7 +209,7 @@ - - - - - - @@ -249,9 +249,13 @@ - @@ -259,10 +263,40 @@ - + + +
    Table 1 Path Parameters

    Parameter

    Flag object

    Special domain name identifier, which is used to store additional domain name configurations.

    +

    Special domain name identifier, which is used to store additional domain name configurations. Currently, this function is not supported. You can ignore this parameter.

    hostid

    @@ -219,18 +219,18 @@

    Domain name ID. This parameter has the same meaning as parameter id and will be deleted.

    hostId

    +

    web_tag

    String

    Domain name ID. This parameter has the same meaning as parameter id and will be deleted.

    +

    website name

    waf_type

    +

    extend

    String

    +

    Extend object

    WAF mode. The value is premium, indicating the dedicated WAF engine.

    +

    This parameter includes some extended information about the protected domain name.

    String

    Whether PCI 3DS certification check is enabled for the domain name. Currently, this function is not supported. The default value is false. You can ignore this parameter.

    -

    • true: PCI 3DS check is enabled.

      -

    • false: PCI 3DS check is disenabled.

      +

    Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.

    +

    • true: Enable this check.

      +

    • false: Disable this check.

      +
    +

    Enumeration values:

    +

    • true

      +

    • false

    String

    Whether PCI DDS certification check is enabled for the domain name.

    -

    • true: PCI DDS check is enabled.

      -

    • false: PCI DDS check is disenabled.

      +

    Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.

    +

    • true: Enable this check.

      +

    • false: Disable this check.

    +

    Enumeration values:

    +

    • true

      +

    • false

      +
    +
    +
    + +
    + + + + + + + + + + + @@ -270,26 +304,26 @@

    Status code: 400

    -
    Table 7 Extend

    Parameter

    +

    Type

    +

    Description

    +

    ltsInfo

    +

    String

    +

    Details about LTS configuration

    +

    extend

    +

    String

    +

    Timeout configuration details.
    Table 7 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -297,26 +331,26 @@

    Status code: 401

    -
    Table 8 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 8 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -324,26 +358,26 @@

    Status code: 500

    -
    Table 9 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 9 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -367,8 +401,8 @@ "protect_status" : 1, "access_status" : 0, "hostid" : "ee896796e1a84f3f85865ae0853d8974", - "hostId" : "262d200fea74406cb0c1a52327122a2c", - "waf_type" : "premium" + "web_tag" : "", + "description" : "" } ] } diff --git a/docs/wafd/api-ref/ListPrivacyRules.html b/docs/wafd/api-ref/ListPrivacyRules.html index cd1991f2..30bc83fa 100644 --- a/docs/wafd/api-ref/ListPrivacyRules.html +++ b/docs/wafd/api-ref/ListPrivacyRules.html @@ -3,7 +3,7 @@

    Querying the Data Masking Rule List

    Function

    This API is used to query the data masking rule list.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/privacy

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/privacy

    Table 10 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -30,7 +30,7 @@ - @@ -62,7 +62,7 @@ - diff --git a/docs/wafd/api-ref/ListPunishmentRules.html b/docs/wafd/api-ref/ListPunishmentRules.html new file mode 100644 index 00000000..4ba48ed3 --- /dev/null +++ b/docs/wafd/api-ref/ListPunishmentRules.html @@ -0,0 +1,324 @@ + + +

    Querying the List of Known Attack Source Rules

    +

    Function

    This API is used to query the list of known attack source rules.

    +
    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/punishment

    + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    Integer

    Number of records on each page. The maximum value is 100.

    +

    Number of records on each page. The maximum value is 2147483647.
    + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    project_id

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +
    +
    + +
    + + + + + + + + + + + + + + + + +
    Table 2 Query Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    page

    +

    No

    +

    Integer

    +

    Page

    +

    pagesize

    +

    No

    +

    Integer

    +

    Number of records on each page. The maximum value is 2147483647.

    +
    +
    + +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 3 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    auth token

    +

    Content-Type

    +

    No

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    total

    +

    Integer

    +

    The number of known attack source rules.

    +

    items

    +

    Array of PunishmentInfo objects

    +

    The list of known attack source rules.

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 5 PunishmentInfo

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID

    +

    policyid

    +

    String

    +

    Policy ID

    +

    block_time

    +

    Integer

    +

    Block duration, in seconds.

    +

    category

    +

    String

    +

    Type of the know attack source rule.

    +

    description

    +

    String

    +

    Description

    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 7 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 8 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/punishment?
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "items" : [ {
+    "block_time" : 305,
+    "category" : "long_ip_block",
+    "description" : "test",
+    "id" : "2c3afdcc982b429da4f72ee483aece3e",
+    "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+    "timestamp" : 1668148186106
+  } ],
+  "total" : 1
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    + +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/ListQpsTimeline.html b/docs/wafd/api-ref/ListQpsTimeline.html index 983d4501..00ab0384 100644 --- a/docs/wafd/api-ref/ListQpsTimeline.html +++ b/docs/wafd/api-ref/ListQpsTimeline.html @@ -3,7 +3,7 @@

    Querying the QPS Statistics

    Function

    This API is used to query the website QPS statistics.

    -

    URI

    GET /v1/{project_id}/waf/overviews/qps/timeline

    +

    URI

    GET /v1/{project_id}/waf/overviews/qps/timeline

    diff --git a/docs/wafd/api-ref/ListStatistics.html b/docs/wafd/api-ref/ListStatistics.html index 89298aa8..2059c70b 100644 --- a/docs/wafd/api-ref/ListStatistics.html +++ b/docs/wafd/api-ref/ListStatistics.html @@ -3,7 +3,7 @@

    Querying Website Request Statistics

    Function

    This API is used to query website request statistics.

    -

    URI

    GET /v1/{project_id}/waf/overviews/statistics

    +

    URI

    GET /v1/{project_id}/waf/overviews/statistics

    Table 1 Path Parameters

    Parameter
    diff --git a/docs/wafd/api-ref/ListValueList.html b/docs/wafd/api-ref/ListValueList.html index 56fbd07c..f57a931c 100644 --- a/docs/wafd/api-ref/ListValueList.html +++ b/docs/wafd/api-ref/ListValueList.html @@ -3,7 +3,7 @@

    Querying the Reference Table List

    Function

    This API is used to query the reference table list. A reference table can be referenced by CC attack protection rules and precise protection rules. For details about how to use reference tables, see "Adding a Reference Table" under "Rule Configurations" in Web Application Firewall User Guide.

    -

    URI

    GET /v1/{project_id}/waf/valuelist

    +

    URI

    GET /v1/{project_id}/waf/valuelist

    Table 1 Path Parameters

    Parameter
    @@ -53,7 +53,7 @@ - + + + +
    Table 1 Path Parameters

    Parameter

    Integer

    Number of records on each page. The maximum value is 100.

    +

    Number of records on each page. The maximum value is 2147483647.

    name

    @@ -187,6 +187,16 @@

    Value of the reference table

    producer

    +

    Integer

    +

    This parameter is reserved and can be ignored currently.

    +

    Enumeration values:

    +

    • 1

      +
    +
    @@ -283,7 +293,9 @@ "name" : "demo", "type" : "url", "values" : [ "/demo" ], - "timestamp" : 1656495488880 + "timestamp" : 1656495488880, + "description" : "", + "producer" : 1 } ] }
    diff --git a/docs/wafd/api-ref/ListWhiteblackipRules.html b/docs/wafd/api-ref/ListWhiteblackipRules.html new file mode 100644 index 00000000..0280371d --- /dev/null +++ b/docs/wafd/api-ref/ListWhiteblackipRules.html @@ -0,0 +1,371 @@ + + +

    Querying the Blacklist and Whitelist Rule List

    +

    Function

    This API is used to query the list of blacklist and whitelist rules.

    +
    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip

    + +
    + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    Project ID

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 2 Query Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    page

    +

    No

    +

    Integer

    +

    Page.

    +

    Default: 1

    +

    pagesize

    +

    No

    +

    Integer

    +

    Number of records on each page. The maximum value is 2147483647.

    +

    name

    +

    No

    +

    String

    +

    Rule name, Fuzzy search is supported.

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 3 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    User Token

    +

    Content-Type

    +

    No

    +

    String

    +

    Content type

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    total

    +

    Integer

    +

    Number of rules

    +

    items

    +

    Array of WhiteBlackIpResponseBody objects

    +

    Rules

    +

    size

    +

    Integer

    +

    Number of rules. This parameter is reserved and can be ignored.

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 5 WhiteBlackIpResponseBody

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID

    +

    name

    +

    String

    +

    Rule name.

    +

    policyid

    +

    String

    +

    Policy ID.

    +

    timestamp

    +

    Long

    +

    Rule creation time

    +

    description

    +

    String

    +

    Rule description.

    +

    status

    +

    Integer

    +

    Rule status. The value can be:

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +

    addr

    +

    String

    +

    Blacklisted or whitelisted IP addresses

    +

    white

    +

    Integer

    +

    Protective action. The value can be:

    +

    • 0: WAF blocks the requests that hit the rule.

      +

    • 1: WAF allows the requests that hit the rule.

      +

    • 2: WAF only logs the requests that hit the rule.

      +
    +

    followed_action_id

    +

    String

    +

    ID of a known attack source rule. This parameter can be configured only when white is set to 0.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 7 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 8 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/whiteblackip?
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "total" : 1,
+  "size" : 1,
+  "items" : [ {
+    "id" : "3c96caf769ca4f57814fcf4259ea89a1",
+    "policyid" : "4dddfd44fc89453e9fd9cd6bfdc39db2",
+    "timestamp" : 1650362891844,
+    "description" : "demo",
+    "status" : 1,
+    "addr" : "x.x.x.x",
+    "white" : 0
+  } ]
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/RenameInstance.html b/docs/wafd/api-ref/RenameInstance.html index 7814d125..0c08f38b 100644 --- a/docs/wafd/api-ref/RenameInstance.html +++ b/docs/wafd/api-ref/RenameInstance.html @@ -3,7 +3,7 @@

    Renaming a Dedicated WAF Engine

    Function

    This API is used to rename a dedicated WAF engine

    -

    URI

    PUT /v1/{project_id}/premium-waf/instance/{instance_id}

    +

    URI

    PUT /v1/{project_id}/premium-waf/instance/{instance_id}

    @@ -50,7 +50,7 @@ - @@ -203,7 +203,7 @@ - - - - - - - - -
    Table 1 Path Parameters

    Parameter

    X-Auth-Token

    No

    +

    Yes

    String

    Integer

    unning status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).

    +

    Running status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).

    access_status

    @@ -220,7 +220,10 @@

    Integer

    Whether the dedicated engine can be upgraded. The value can be 0 for no or 1 for yes.

    +

    Whether the dedicated engine can be upgraded.

    +

    • 0: the dedicated engine is non-upgradable

      +

    • 1: the dedicated engine is upgradable

      +

    cloudServiceType

    @@ -248,14 +251,7 @@

    String

    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB.

    -

    hosts

    -

    Array of IdHostnameEntry objects

    -

    Domain name protected by the dedicated engine.

    +

    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB. 8vCPUs | 16GB maps to waf.instance.enterprise, and 2vCPUs | 4GB to waf.instance. professional.

    server_id

    @@ -272,30 +268,25 @@

    ID of the ECS hosting the dedicated engine. This parameter is the same as server_id, and will be deleted.
    -
    - -
    - - - - - - - - - - + + + + @@ -303,26 +294,26 @@

    Status code: 400

    -
    Table 5 IdHostnameEntry

    Parameter

    -

    Type

    -

    Description

    -

    id

    +

    create_time

    String

    +

    Long

    ID of the protected domain name. This is a unique ID automatically generated by the system.

    +

    Timestamp when the dedicated WAF engine was created.

    hostname

    +

    data_volume_size

    String

    +

    Integer

    Protected domain name

    +

    Size of the data disk, in GB.

    +

    res_tenant_type

    +

    Integer

    +

    Type of the dedicated WAF instance. Its value is always 1, which means the type of the dedicated WAF instance is Network Interface.
    Table 6 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -330,26 +321,26 @@

    Status code: 401

    -
    Table 5 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 7 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -357,26 +348,26 @@

    Status code: 500

    -
    Table 6 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 8 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -411,10 +402,6 @@ "cpu_flavor" : "Si2.2xlarge.2", "run_status" : 2, "access_status" : 1, - "hosts" : [ { - "id" : "c3be17bbe3a641c7a1ded6019c377402", - "hostname" : "demo.www.com" - } ], "instancename" : "0412elb", "instance_name" : "0412elb" } diff --git a/docs/wafd/api-ref/ShowAnticrawlerRule.html b/docs/wafd/api-ref/ShowAnticrawlerRule.html new file mode 100644 index 00000000..f00fae2c --- /dev/null +++ b/docs/wafd/api-ref/ShowAnticrawlerRule.html @@ -0,0 +1,326 @@ + + +

    Querying a JavaScript Anti-Crawler Rule

    +

    Function

    This API is used to query a JavaScript anti-crawler rule by ID.

    +
    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}

    + +
    Table 7 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    Project ID. To obtain it, go to Cloud management console and hover the cursor over your username. On the displayed window, choose My Credentials. Then, in the Projects area, view Project ID of the corresponding project.

    +

    policy_id

    +

    Yes

    +

    String

    +

    ID of a protection policy. You can specify a protection policy ID to query the rules used in the protection policy. You can obtain the policy ID by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    Rule ID.

    +
    +
    + +
    + + + + + + + + + + + +
    Table 2 Query Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    enterprise_project_id

    +

    No

    +

    String

    +

    You can obtain the ID by calling the ListEnterpriseProject API of EPS.

    +
    +
    + +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 3 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

    +

    Content-Type

    +

    Yes

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    policyid

    +

    String

    +

    Policy ID.

    +

    id

    +

    String

    +

    Rule ID.

    +

    url

    +

    String

    +

    URL to which the rule applies.

    +

    logic

    +

    Integer

    +

    Rule matching logic

    +

    • 1: Include

      +

    • 2: Not include

      +

    • 3: Equal

      +

    • 4: Not equal

      +

    • 5: Prefix is

      +

    • 6: Prefix is not

      +

    • 7: Suffix is

      +

    • 8: Suffix is not

      +
    +

    name

    +

    String

    +

    Rule name.

    +

    type

    +

    String

    +

    JavaScript anti-crawler rule type.

    +

    • anticrawler_specific_url: used to protect a specific path specified by the rule.

      +

    • anticrawler_except_url: used to protect all paths except the one specified by the rule.

      +
    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +

    status

    +

    Integer

    +

    Rule status. The value can be 0 or 1.

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 7 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}?
    +
    +

    Example Responses

    Status code: 200

    +

    ok

    +
    {
+  "id" : "607d14b8153540c0af51a00fe2140d05",
+  "policyid" : "777716e0b7b84b5192b9d373f7c6d4f0",
+  "name" : "demo",
+  "timestamp" : 1675152776784,
+  "status" : 1,
+  "url" : "/patent/id",
+  "logic" : 1,
+  "type" : "anticrawler_except_url"
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    ok

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    + +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/ShowAntileakageRule.html b/docs/wafd/api-ref/ShowAntileakageRule.html new file mode 100644 index 00000000..1dd2e0a5 --- /dev/null +++ b/docs/wafd/api-ref/ShowAntileakageRule.html @@ -0,0 +1,298 @@ + + +

    Querying an Information Leakage Prevention Rule by ID

    +

    Function

    This API is used to query an information leakage prevention rule by ID.

    +
    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}

    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    project_id

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    ID of the information leakage protection rule. It can be obtained by calling the ListAntileakageRules API.

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    auth token

    +

    Content-Type

    +

    No

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID

    +

    url

    +

    String

    +

    URL to which the rule applies.

    +

    category

    +

    String

    +

    Sensitive information type in the information leakage prevention rule.

    +

    • sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.

      +

    • code: The rule blocks response pages of specified HTTP response code.

      +
    +

    Enumeration values:

    +

    • code

      +

    • sensitive

      +
    +

    contents

    +

    Array of strings

    +

    Content corresponding to the sensitive information type. Multiple options can be set.

    +

    • When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.

      +

    • When category is set to sensitive, parameters phone, id_card, and email can be set.

      +
    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +

    description

    +

    String

    +

    Rule description.

    +

    status

    +

    Integer

    +

    Rule status. The value can be:

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +

    Enumeration values:

    +

    • 0

      +

    • 1

      +
    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}?
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "id" : "82c4f04f84fd4b2b9ba4b4ea0df8ee82",
+  "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+  "timestamp" : 1668152426471,
+  "description" : "demo",
+  "status" : 1,
+  "url" : "/attack",
+  "category" : "sensitive",
+  "contents" : [ "id_card" ]
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/ShowAntitamperRule.html b/docs/wafd/api-ref/ShowAntitamperRule.html index 15ef4112..e9994f8d 100644 --- a/docs/wafd/api-ref/ShowAntitamperRule.html +++ b/docs/wafd/api-ref/ShowAntitamperRule.html @@ -3,7 +3,7 @@

    Querying a Web Tamper Protection Rule by ID

    Function

    This API is used to query a web tamper protection rule by ID.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}

    @@ -30,7 +30,7 @@ - - @@ -132,7 +132,7 @@ -
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the web tamper protection rule. It can be obtained by calling the ListAntitamperRules API.

    String

    Domain name protected by the web tamper protection rule

    +

    The domain name of the website protected with the web tamper protection rule. The domain name is in the format of xxx.xxx.com, such as www.example.com.

    url

    diff --git a/docs/wafd/api-ref/ShowCcRule.html b/docs/wafd/api-ref/ShowCcRule.html index dc1e3651..6c05efda 100644 --- a/docs/wafd/api-ref/ShowCcRule.html +++ b/docs/wafd/api-ref/ShowCcRule.html @@ -3,7 +3,7 @@

    Querying a CC Attack Protection Rule by ID

    Function

    This API is used to query a CC attack protection rule by ID.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}

    @@ -30,7 +30,7 @@ - - @@ -126,40 +126,8 @@ - - - - - - - - - - - - - - - - @@ -173,6 +141,82 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - - - - - + + + + + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID. It can be obtained by calling the API Querying Protection Policies.

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    ccRuleId

    +

    ID of the cc rule. It can be obtained by calling the ListCcRules API.

    Integer

    Mode.

    -

    • 0: Standard

      -

    • 1: Advanced

      -
    -

    limit_num

    -

    String

    -

    Number of requests allowed from a web visitor in a rate limiting period

    -

    limit_period

    -

    String

    -

    Rate limiting period

    -

    lock_time

    -

    String

    -

    How long a web visitor will be locked The value range is [0 to 2^32), in seconds.

    -

    tag_type

    -

    String

    -

    Protection mode.

    -

    • ip: IP-based rate limiting. Website visitors are identified by IP address.

      -

    • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

      -

    • other: A website visitor is identified by the Referer field (user-defined request source).

      +

      • 0: Standard.

        +

      • 1: Advanced.

    conditions

    +

    Array of CcCondition objects

    +

    Rate limit conditions of the CC protection rule. This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1).

    +

    action

    +

    action object

    +

    Protection action to take if the number of requests reaches the upper limit.

    +

    tag_type

    +

    String

    +

    Rate limit mode.

    +

    • ip: IP-based rate limiting. Website visitors are identified by IP address.

      +

    • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

      +

    • other: Website visitors are identified by the Referer field (user-defined request source).

      +
    +

    Enumeration values:

    +

    • ip

      +

    • other

      +

    • cookie

      +

    • header

      +
    +

    tag_index

    +

    String

    +

    User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).

    +

    • cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.

      +

    • header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.

      +
    +

    tag_condition

    +

    tag_condition object

    +

    User tag. This parameter is mandatory when the rate limit mode is set to other. -other: A website visitor is identified by the Referer field (user-defined request source).

    +

    limit_num

    +

    Integer

    +

    Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647.

    +

    limit_period

    +

    Integer

    +

    Rate limit period, in seconds. The value ranges from 1 to 3,600.

    +

    unlock_num

    +

    Integer

    +

    Allowable frequency based on the number of requests. The value ranges from 0 to 2,147,483,647. This parameter is required only when the protection action type is dynamic_block.

    +

    lock_time

    +

    Integer

    +

    Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.

    +

    description

    String

    @@ -180,18 +224,32 @@

    Rule description

    action

    +

    total_num

    action object

    +

    Integer

    Action to take if the number of requests reaches the upper limit.

    +

    This parameter is reserved and can be ignored currently.

    conditions

    +

    unaggregation

    Array of conditions objects

    +

    Boolean

    Condition list. This parameter is returned when mode is set to 1.

    +

    This parameter is reserved and can be ignored currently.

    +

    aging_time

    +

    Integer

    +

    Rule aging time. This parameter is reserved and can be ignored currently.

    +

    producer

    +

    Integer

    +

    Rule creation object. This parameter is reserved and can be ignored currently.

    timestamp

    @@ -205,7 +263,7 @@
    -
    Table 4 action

    Parameter

    +
    @@ -217,28 +275,77 @@ - - - + + + + + + + + + + + +
    Table 4 CcCondition

    Parameter

    Type

    String

    Action type:

    -

    • block: WAF blocks discovered attacks.

      -

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      -

    • If tag_type is set to other, the value can only be block.

      +

    Field type. The value can be url, ip, params, cookie, or header.

    +

    Enumeration values:

    +

    • url

      +

    • ip

      +

    • params

      +

    • cookie

      +

    • header

    detail

    +

    logic_operation

    String

    Action details. If detail is null, the default block page is displayed by default.

    -

    • This parameter cannot be included when category is set to captcha.

      -

    • This parameter is required when category is set to block.

      +

    Logic for matching the condition.

    +

    • If the category is url, the optional operations are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal and len_not_equal

      +

    • If the category is ip, the optional operations are: equal, not_equal, , equal_any and not_equal_all

      +

    • If the category is params, cookie and header, the optional operations are: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal, len_not_equal, num_greater, num_less, num_equal, num_not_equal, exist and not_exist

    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +
    +

    contents

    +

    Array of strings

    +

    Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all.

    +

    value_list_id

    +

    String

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type.

    +

    index

    +

    String

    +

    Subfield. When category is set to params, cookie, or header, set this parameter based on site requirements. This parameter is mandatory.
    -
    Table 5 detail

    Parameter

    +
    @@ -246,18 +353,39 @@ - - - + + + +
    Table 5 action

    Parameter

    Type

    response

    +

    category

    response object

    +

    String

    Returned page.

    +

    Action type:

    +

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      +

    • block: WAF blocks the requests. When tag_type is set to other, the value can only be block.

      +

    • log: WAF logs the event only.

      +

    • dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.

      +
    +

    Enumeration values:

    +

    • captcha

      +

    • block

      +

    • log

      +

    • dynamic_block

      +
    +

    detail

    +

    detail object

    +

    Block page information. When protection action category is set to block or dynamic_block, you need to set the returned block page.

    +

    • If you want to use the default block page, this parameter can be excluded.

      +

    • If you want to use a custom block page, set this parameter.

      +
    -
    Table 6 response

    Parameter

    +
    @@ -265,25 +393,18 @@ - - - - - - -
    Table 6 detail

    Parameter

    Type

    content_type

    +

    response

    String

    +

    response object

    Content type. The value can only be application/json, text/html, or text/xml.

    -

    content

    -

    String

    -

    Contents

    +

    Block Page
    -
    Table 7 conditions

    Parameter

    +
    @@ -291,39 +412,49 @@ - - - - - - - - - +
    Table 7 response

    Parameter

    Type

    category

    +

    content_type

    String

    Field type. The options are as follows: ip, cookie, and url

    -

    index

    -

    String

    -

    Parameter description:

    -

    • When the field type is ip or url, the index parameter is not required.

      -

    • When the field type is cookie and the subfield is customized, the value of index is the customized subfield.

      +

    Content type. The value can only be application/json, text/html, or text/xml.

    +

    Enumeration values:

    +

    • application/json

      +

    • text/html

      +

    • text/xml

    logic_operation

    +

    content

    String

    Condition matching logic. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, equal_any, and not_equal_any, contain_any, and not_contain_any.

    -

    • When the field type is url, the following matching logics are supported: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix.

      -

    • When the field type is ip, the following matching logics are supported: equal, not_equal, equal_any, and not_equal_any.

      -

    • When category is set to cookie, the following matching logics are supported: contain, not_contain, equal, not_equal. prefix, not_prefix, suffix, not_suffix, contain_any, and not_contain_any.

      -
    +

    Block page information.

    contents

    +
    +
    + +
    + + + + + - - + + + + @@ -331,26 +462,26 @@

    Status code: 400

    -
    Table 8 tag_condition

    Parameter

    +

    Type

    +

    Description

    +

    category

    Array of strings

    +

    String

    Content of the conditions.

    +

    User identifier. The value is fixed at referer.

    +

    contents

    +

    Array of strings

    +

    Content of the user identifier field.
    Table 8 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -358,26 +489,26 @@

    Status code: 401

    -
    Table 9 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    - + + + + @@ -341,6 +415,8 @@ "priority" : 50, "status" : 1, "time" : false, + "aging_time" : 0, + "producer" : 1, "timestamp" : 1656495488880 } diff --git a/docs/wafd/api-ref/ShowEvent.html b/docs/wafd/api-ref/ShowEvent.html index de72d0f3..a355f2cc 100644 --- a/docs/wafd/api-ref/ShowEvent.html +++ b/docs/wafd/api-ref/ShowEvent.html @@ -3,7 +3,7 @@

    Querying Attack Event Details

    Function

    This API is used to query the details about an attack event.

    -

    URI

    GET /v1/{project_id}/waf/event/{eventid}

    +

    URI

    GET /v1/{project_id}/waf/event/{eventid}

    Table 9 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -385,26 +516,26 @@

    Status code: 500

    -
    Table 10 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -203,7 +229,35 @@ - + + + +
    Table 10 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -416,7 +547,6 @@

    Example Responses

    Status code: 200

    Request succeeded.

    {
-  "aging_time" : 0,
   "description" : "",
   "id" : "a5f3fd28db564696b199228f0ac346b2",
   "limit_num" : 10,
@@ -429,7 +559,9 @@
   "tag_type" : "ip",
   "timestamp" : 1656494435686,
   "total_num" : 0,
+  "aging_time" : 0,
   "unaggregation" : false,
+  "producer" : 1,
   "url" : "/path"
 }
    diff --git a/docs/wafd/api-ref/ShowCertificate.html b/docs/wafd/api-ref/ShowCertificate.html index d6c8c704..cdf4e75e 100644 --- a/docs/wafd/api-ref/ShowCertificate.html +++ b/docs/wafd/api-ref/ShowCertificate.html @@ -3,7 +3,7 @@

    Querying a Certificate

    Function

    This API is used to query a certificate.

    -

    URI

    GET /v1/{project_id}/waf/certificate/{certificate_id}

    +

    URI

    GET /v1/{project_id}/waf/certificate/{certificate_id}

    Table 11 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    diff --git a/docs/wafd/api-ref/ShowCustomRule.html b/docs/wafd/api-ref/ShowCustomRule.html index c66e1961..d47b7053 100644 --- a/docs/wafd/api-ref/ShowCustomRule.html +++ b/docs/wafd/api-ref/ShowCustomRule.html @@ -3,7 +3,7 @@

    Querying a Precise Protection Rule by ID

    Function

    This API is used to query a precise protection rule by ID.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}

    Table 1 Path Parameters

    Parameter
    @@ -30,7 +30,7 @@ - - @@ -135,13 +135,6 @@ - - - - + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID. It can be obtained by calling the API Querying Protection Policies.

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    customRuleId

    +

    ID of the precise protection rule. It can be obtained by calling the ListCustomeRules API.

    Protective action of the precise protection rule.

    action_mode

    -

    Boolean

    -

    This parameter is reserved and can be ignored.

    -

    priority

    Integer

    @@ -170,6 +163,27 @@

    Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.

    action_mode

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    +

    aging_time

    +

    Integer

    +

    Rule aging time. This parameter is reserved and can be ignored currently.

    +

    producer

    +

    Integer

    +

    Rule creation object. This parameter is reserved and can be ignored currently.

    +
    @@ -187,6 +201,18 @@

    String

    Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request.

    +

    Enumeration values:

    +

    • url

      +

    • user-agent

      +

    • ip

      +

    • params

      +

    • cookie

      +

    • referer

      +

    • header

      +

    • request_line

      +

    • method

      +

    • request

      +

    index

    @@ -195,7 +221,7 @@

    Subfield

    • When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.

      -

    • If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

      +

    • When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

    String

    Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.

    +

    Logic for matching the condition.

    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • len_greater

      +

    • len_less

      +

    • len_equal

      +

    • len_not_equal

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +

    contents

    @@ -213,6 +267,13 @@

    Content of the conditions.

    value_list_id

    +

    String

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is available only when a reference table is used when a protection rule is created.

    +
    @@ -229,10 +290,23 @@

    String

    Action type.

    -

    • block: WAF blocks attacks.

      -

    • pass: WAF allows requests.

      +

    Operation type

    +

    • block: WAF blocks attacks.

      +

    • pass: WAF allows requests.

      +

    • log: WAF only logs detected attacks.

    +

    Enumeration values:

    +

    • block

      +

    • pass

      +

    • log

      +
    +

    followed_action_id

    +

    String

    +

    ID of a known attack source rule. This parameter can be configured only when category is set to block.
    @@ -161,12 +161,12 @@

  • rfi: Remote file inclusion

  • webshell: Website Trojans

  • cc: CC attacks

    -

  • custom_custom: Precise protection

    -

  • custom_whiteblackip: IP address blacklist and whitelist

    -

  • custom_geoip: Geolocation access control

    -

  • antitamper: Web tamper protection

    -

  • anticrawler: Anti-crawler protection

    -

  • leakage: Data leakage prevention

    +

  • custom_custom: attack protected by the precise protection rules

    +

  • custom_whiteblackip: attack protected by the blacklist and whitelist protection rule

    +

  • custom_geoip: attack protected by the geolocation access control protection rule

    +

  • antitamper: attack protected by the web tamper protection rules

    +

  • anticrawler: attack protected by the anti-crawler protection rules

    +

  • leakage: attack protected by the information leakage protection rule

  • illegal: Illegal requests

  • vuln: Other attack types

    • @@ -270,6 +270,13 @@ + + + +
    Table 1 Path Parameters

    Parameter

    Response body content.

    request_body

    +

    String

    +

    Request body

    +
    diff --git a/docs/wafd/api-ref/ShowGeoipRule.html b/docs/wafd/api-ref/ShowGeoipRule.html new file mode 100644 index 00000000..722293fe --- /dev/null +++ b/docs/wafd/api-ref/ShowGeoipRule.html @@ -0,0 +1,324 @@ + + +

    Querying a Geolocation Access Control Rule by ID

    +

    Function

    This API is used to query a geolocation access control rule by ID.

    +
    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}

    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    Project ID

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    ID of the geolocation access control rule. It can be obtained by calling the ListGeoipRules API.

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    User token

    +

    Content-Type

    +

    Yes

    +

    String

    +

    Content type

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID.

    +

    policyid

    +

    String

    +

    Policy ID

    +

    name

    +

    String

    +

    Rule name. Currently, the console does not support configuring names for geolocation access control rule. Ignore this parameter.

    +

    geoTagList

    +

    Array of strings

    +

    List of geographical locations hit the geolocation access control rule.

    +

    geoip

    +

    String

    +

    Applicable regions. The value can be the region code.

    +

    • CA: Canada

      +

    • US: USA

      +

    • AU: Australia

      +

    • IN: India

      +

    • JP: Japan

      +

    • UK: United Kingdom

      +

    • FR: France

      +

    • DE: Germany

      +

    • BR: Brazil

      +

    • Ukraine: Ukraine

      +

    • Pakistan: Pakistan

      +

    • Palestine: Palestine

      +

    • Israel: Israel

      +

    • Iraq: Afghanistan

      +

    • Libya: Libya

      +

    • Turkey: Turkey

      +

    • Thailand: Thailand

      +

    • Singapore: Singapore

      +

    • South Africa: South Africa

      +

    • Mexico: Mexico

      +

    • Peru: Peru

      +

    • For more geographical location codes, see "Appendix - Geographic Location Codes."

      +
    +

    white

    +

    Integer

    +

    Protective action. The value can be:

    +

    • 0: WAF blocks the requests that hit the rule.

      +

    • 1: WAF allows the requests that hit the rule.

      +

    • 2: WAF only logs the requests that hit the rule.

      +
    +

    status

    +

    Integer

    +

    Rule status. The value can be:

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +

    timestamp

    +

    Long

    +

    Time the rule is created. The value is a 13-digit timestamp in ms.

    +

    description

    +

    String

    +

    Rule description

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}?
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "id" : "02dafa406c4941368a1037b020f15a53",
+  "policyid" : "38ff0cb9a10e4d5293c642bc0350fa6d",
+  "name" : "demo",
+  "description" : "demo",
+  "geoTagList" : [ "BR" ],
+  "geoip" : "BR",
+  "white" : 1
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/ShowIgnoreRule.html b/docs/wafd/api-ref/ShowIgnoreRule.html index 746caba8..11e8c2ff 100644 --- a/docs/wafd/api-ref/ShowIgnoreRule.html +++ b/docs/wafd/api-ref/ShowIgnoreRule.html @@ -1,9 +1,9 @@ -

    Querying a False Alarm Masking Rule

    -

    Function

    This API is used to query a false alarm masking rule.

    +

    Querying a Global Protection Whitelist (Formerly False Alarm Masking) Rule by ID

    +

    Function

    This API is used to querying a global protection whitelist (formerly false alarm masking) rule by ID.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}

    @@ -30,7 +30,7 @@ - - @@ -94,96 +94,85 @@ - - - - - - - - - - - - - - - - - - + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the false alarm masking rule. It can be obtained by calling the ListIgnoreRules API.

    String

    Rule ID.

    +

    Rule ID

    policyid

    String

    Policy ID.

    +

    Policy ID

    timestamp

    Long

    Rule creation time.

    +

    Timestamp the rule was created.

    description

    String

    Provides supplementary information about the assignment.

    +

    Rule Description

    status

    Integer

    Rule status. The value can be:

    -

    • 0: The rule is disabled.

      -

    • 1: The rule is enabled.

      +

    Rule status. The value can be 0 or 1.

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

    url

    -

    String

    -

    URL protected by the web tamper protection rule. The value must be in the standard URL format, for example, /admin.

    -

    rule

    String

    Masked rule. The value can be the ID of a rule that is matched, all rules (all), or enumeration value of the attack type. To mask a built-in rule included in Basic Web Protection, set this parameter to the ID of the rule. To obtain the rule ID, go to the WAF console. Then, choose Policies and click the policy name. On the displayed page, find the Basic Web Protection area and click Advanced Settings. On the displayed page, click Protection Rule and view the rule ID. To disable a certain type of rule, the value can be:

    -

    • xss or sqli: XSS attacks

      -

    • cmdi: Command injectionrobot: Malicious crawlers

      -

    • lfi: Local file inclusion

      -

    • rfi: Remote file inclusionwebshell: Website Trojans

      -

    • cc: CC attacks -custom_custom: Precise protection

      -

    • custom_whiteblackip: IP address blacklist and whitelist

      -

    • custom_geoip: Geolocation access control

      -

    • antitamper: Web tamper protection

      -

    • anticrawler: Anti-crawler protection

      -

    • leakage: Data leakage prevention

      -

    • illegal: Illegal requests

      -

    • vuln: Other attack types

      +

    Items to be masked. You can provide multiple items and separate them with semicolons (;).

    +

    • If you want to disable a specific built-in rule for a domain name, the value of this parameter is the rule ID. When requests are blocked against a certain built-in rule while you do not want this rule to block requests later, you can query the rule in the Events page on the console and find its rule ID in the Hit Rule column. Then, you can disk the rule by its ID (including 6 digits).

      +

    • If you want to mask a type of basic web protection rules, set this parameter to the name of the type of basic web protection rules. xss: XSS attacks webshell: Web shells vuln: Other types of attacks sqli: SQL injection attack robot: Malicious crawlers rfi: Remote file inclusion lfi: Local file inclusion cmdi: Command injection attack

      +

    • To bypass the basic web protection, set this parameter to all.

      +

    • To bypass all WAF protection, set this parameter to bypass.

    url_logic

    +

    mode

    String

    +

    Integer

    URL match logic:

    -

    • equal: full match

      -

    • prefix: prefix match

      -
    +

    The value is fixed at 1, indicating v2 false alarm masking rules are used.

    domains

    +

    conditions

    Array of strings

    +

    Array of Condition objects

    Protected domain name

    +

    Condition list

    advanced

    advanced object

    +

    Array of Advanced objects

    advanced

    +

    Advanced settings

    +

    domain

    +

    Array of strings

    +

    Domain names to be protected. If the array length is 0, this rule will take effect for all domain names that are protected by the policies this rule belongs to.
    -
    Table 4 advanced

    Parameter

    +
    @@ -191,24 +180,68 @@ - - + + + + + + + + + + + + + + + + + + +
    Table 4 Condition

    Parameter

    Type

    index

    +

    category

    String

    To ignore attacks of a specified field, specify the field in the Advanced Settings area. After you complete the configuration, WAF will stop intercepting attack events of the specified field. The following fields are supported:

    -

    • cookie: session cookie

      -

    • header: header field

      -

    • body: body field

      -

    • multipart: multipart/form-data type data

      -

    • params: parameter

      +

    Field type. The value can be ip, url, params, cookie, or header.

    +

    contents

    +

    Array of strings

    +

    Content. The array length must be 1. The content format varies depending on field types. For example, if the field type is ip, the value must be an IP address or IP address range. If the field type is url, the value must be a URL in standard format. If the field type is params, cookie, or header, the content format is not limited.

    +

    logic_operation

    +

    String

    +

    The matching logic varies depending on the field type. For example, if the field type is ip, the logic can be equal or not_equal. If the field type is url, params, cookie, or header, the logic can be equal, not_equal, contain, not_contain, prefix, not_prefix, suffix, not_suffix.

    +

    check_all_indexes_logic

    +

    Integer

    +

    This parameter is reserved and can be ignored.

    +

    index

    +

    String

    +

    If the field type is ip and the subfield is the client IP address, the index parameter does not exist. If the subfield type is X-Forwarded-For, the value is x-forwarded-for. If the field type is params, header, or cookie, and the subfield is user-defined, the value of index is the user-defined subfield.

    +
    +
    + +
    + + + + + + + - - - @@ -216,26 +249,26 @@

    Status code: 400

    -
    Table 5 Advanced

    Parameter

    +

    Type

    +

    Description

    +

    index

    +

    String

    +

    Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.

    +

    • When you select Params, Cookie, or Header, you can set this parameter to all or configure subfields as required.

      +

    • When you select Body or Multipart, set this parameter to all.

    content

    +

    contents

    String

    +

    Array of strings

    Specified field (available only for param, cookie, and header)

    +

    Subfield of the specified field type. The default value is all.
    Table 5 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -243,26 +276,26 @@

    Status code: 401

    -
    Table 6 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 6 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -270,26 +303,26 @@

    Status code: 500

    -
    Table 7 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 7 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -301,15 +334,19 @@

    Example Responses

    Status code: 200

    Request succeeded.

    {
-  "id" : "c20f67b3e1c040c0b0d8866e568ee8bf",
-  "policyid" : "a75e96d8284c4c4f98ada7d391e8342c",
-  "timestamp" : 1656507126528,
-  "description" : "",
+  "id" : "40484384970948d79fffe4e4ae1fc54d",
+  "policyid" : "f385eceedf7c4c34a4d1def19eafbe85",
+  "timestamp" : 1650512535222,
+  "description" : "demo",
   "status" : 1,
-  "domain" : [ "test3.th.com" ],
-  "rule" : "webshell",
-  "url_logic" : "equal",
-  "url" : "/demo"
+  "rule" : "091004",
+  "mode" : 1,
+  "conditions" : [ {
+    "category" : "ip",
+    "contents" : [ "x.x.x.x" ],
+    "logic_operation" : "equal"
+  } ],
+  "domain" : [ "we.test.418lab.cn" ]
 }

    Status Codes

    diff --git a/docs/wafd/api-ref/ShowInstance.html b/docs/wafd/api-ref/ShowInstance.html index 46cb69d2..d792c86d 100644 --- a/docs/wafd/api-ref/ShowInstance.html +++ b/docs/wafd/api-ref/ShowInstance.html @@ -3,7 +3,7 @@

    Querying Details about a Dedicated WAF Engine

    Function

    This API is used to query details about a dedicated WAF engine.

    -

    URI

    GET /v1/{project_id}/premium-waf/instance/{instance_id}

    +

    URI

    GET /v1/{project_id}/premium-waf/instance/{instance_id}

    Table 8 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -50,7 +50,7 @@ - @@ -180,7 +180,7 @@ - - - - - - - - -
    Table 1 Path Parameters

    Parameter

    X-Auth-Token

    No

    +

    Yes

    String

    Integer

    unning status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).

    +

    Running status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).

    access_status

    @@ -197,7 +197,10 @@

    Integer

    Whether the dedicated engine can be upgraded. The value can be 0 for no or 1 for yes.

    +

    Whether the dedicated engine can be upgraded.

    +

    • 0: the dedicated engine is non-upgradable

      +

    • 1: the dedicated engine is upgradable

      +

    cloudServiceType

    @@ -225,14 +228,7 @@

    String

    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB.

    -

    hosts

    -

    Array of IdHostnameEntry objects

    -

    Domain name protected by the dedicated engine.

    +

    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB. 8vCPUs | 16GB maps to waf.instance.enterprise, and 2vCPUs | 4GB to waf.instance. professional.

    server_id

    @@ -256,30 +252,18 @@

    Timestamp when the dedicated WAF engine was created.
    -
    - -
    - - - - - - - - - - @@ -287,26 +271,26 @@

    Status code: 400

    -
    Table 4 IdHostnameEntry

    Parameter

    -

    Type

    -

    Description

    -

    id

    +

    data_volume_size

    String

    +

    Integer

    ID of the protected domain name. This is a unique ID automatically generated by the system.

    +

    Size of the data disk, in GB.

    hostname

    +

    res_tenant_type

    String

    +

    Integer

    Protected domain name

    +

    Type of the dedicated WAF instance. Its value is always 1, which means the type of the dedicated WAF instance is Network Interface.
    Table 5 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -314,26 +298,26 @@

    Status code: 401

    -
    Table 4 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    Table 6 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -341,26 +325,26 @@

    Status code: 500

    -
    Table 5 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    - - - - - @@ -280,7 +291,7 @@ - + + + + - + + + + - - - @@ -423,9 +458,34 @@
    Table 7 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -391,10 +375,6 @@ "cpu_flavor" : "Si2.2xlarge.2", "run_status" : 2, "access_status" : 1, - "hosts" : [ { - "id" : "c3be17bbe3a641c7a1ded6019c377402", - "hostname" : "demo.www.com" - } ], "instancename" : "0412elb", "instance_name" : "0412elb", "create_time" : 1649217360674 diff --git a/docs/wafd/api-ref/ShowPolicy.html b/docs/wafd/api-ref/ShowPolicy.html index 9e9cd5b0..36532643 100644 --- a/docs/wafd/api-ref/ShowPolicy.html +++ b/docs/wafd/api-ref/ShowPolicy.html @@ -3,7 +3,7 @@

    Querying a Policy by ID

    Function

    This API is used to query a policy by ID.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}

    Table 6 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -137,13 +137,41 @@ - + + + + + + + + + + + + + + + + - - - -
    Table 1 Path Parameters

    Parameter

    Array of protected domain names for which the policy is used. Each policy can be used to one or more domain names. You can specify a policy for a domain name when you add the domain name to WAF by calling the API Adding a Protected Domain Name.

    host

    +

    hosts

    Array of strings

    Array of IDs of protected domain names. The ID of a protected domain name is unique and generated by WAF when you add the domain name to WAF. To obtain the IDs, call the API Querying Domain Names Protected by Dedicated WAF Engines. To add a domain name to WAF, call the API Adding a Protected Domain Name.

    robot_action

    +

    Action object

    +

    Feature-based anti-crawler protection mode. This parameter is unavailable for newly created protection policies. The default protection mode is Log only.

    +

    extend

    +

    PolicyExtend object

    +

    Switch for enabling or disabling Deep Inspection and Header Inspection in Basic Web Protection.

    +

    share_info

    +

    ShareInfo object

    +

    Whether to share a policy. This parameter is reserved and can be ignored currently.

    +

    modulex_options

    +

    ModulexOptions object

    +

    Whether to enable intelligent CC protection. This parameter is reserved and can be ignored currently.

    +

    timestamp

    Long

    @@ -151,13 +179,6 @@

    Time the policy is created. The value is a 13-digit timestamp, in ms.

    extend

    -

    Map<String,String>

    -

    This parameter is redundant in this version. It will be used in the later versions.

    -
    @@ -220,19 +241,9 @@

    Boolean

    Whether anti-crawler protection is enabled. Anti-crawler protection includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    -

    • true: enabled

      -

    • false: disabled

      -
    -

    crawler

    -

    Boolean

    -

    Whether feature-based anti-crawler is enabled. This parameter is fixed at true.

    -

    • true: enabled

      -

    • false: disabled

      +

    JavaScript anti-crawler function.

    +

    • true: Enabled

      +

    • false: Disabled

    Boolean

    Whether other crawler check is enabled. The value can be:

    +

    Whether webshell check is enabled. The value can be:

    • true: enabled

    • false: disabled

    @@ -366,25 +377,49 @@

    followed_action

    +

    Boolean

    +

    Whether the Known Attack Source protection is enabled.. The value can be:

    +

    • true: enabled

      +

    • false: disabled

      +
    +

    bot_enable

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    Feature-based anti-crawler. This feature includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    +

    • true: Enabled

      +

    • false: Disabled

      +
    +

    crawler

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    precise

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    followed_action

    +

    modulex_enabled

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    +

    Enumeration values:

    +

    • true

      +

    • false

      +
    -

    Status code: 400

    -
    Table 7 Response body parameters

    Parameter

    +
    + + + + + + + + + +
    Table 7 Action

    Parameter

    +

    Type

    +

    Description

    +

    category

    +

    String

    +

    Protective action for feature-based anti-crawler rules:

    +

    • log: WAF only logs discovered attacks.

      +

    • block: WAF blocks discovered attacks.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +
    +
    + +
    @@ -433,26 +493,55 @@ - - - - - -
    Table 8 PolicyExtend

    Parameter

    Type

    error_code

    +

    extend

    String

    Error code

    -

    error_msg

    -

    String

    -

    Error message

    +

    Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.

    +

    • If deep_decode is set to true, the Deep Inspection is enabled.

      +

    • If check_all_headers is set to true, the Header Inspection is enabled.

      +

    • If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.

      +
    -

    Status code: 401

    -
    Table 8 Response body parameters

    Parameter

    +
    + + + + + + + + + + + + + + + + + +
    Table 9 ShareInfo

    Parameter

    +

    Type

    +

    Description

    +

    share_count

    +

    Integer

    +

    Total number of the users who share the address group.

    +

    accept_count

    +

    Integer

    +

    Number of users who accept the sharing

    +

    process_status

    +

    Integer

    +

    Status

    +
    +
    + +
    @@ -460,26 +549,150 @@ - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 10 ModulexOptions

    Parameter

    Type

    error_code

    +

    global_rate_enabled

    String

    +

    Boolean

    Error code

    +

    Status of the global rate limiting function (counting requests to all WAF instances when limiting traffic).

    +

    • false: Disabled.

      +

    • true: Enabled.

      +

    error_msg

    +

    global_rate_mode

    String

    Error message

    +

    Protection mode of the global rate limiting function.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_enabled

    +

    Boolean

    +

    Status of the intelligent precise protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    precise_rules_mode

    +

    String

    +

    Protection mode of the intelligent precise protection.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent precise protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent precise protection.

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent precise protection.

    +

    cc_rules_enabled

    +

    Boolean

    +

    Status of the intelligent CC attack protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    cc_rules_mode

    +

    String

    +

    Protection mode of the intelligent CC attack protection rule.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    cc_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent CC attack protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent CC attack protection..

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent CC attack protection.
    -

    Status code: 500

    +

    Status code: 400

    -
    Table 9 Response body parameters

    Parameter

    +
    @@ -504,6 +717,60 @@
    Table 11 Response body parameters

    Parameter

    Type
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 12 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 13 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}?
    diff --git a/docs/wafd/api-ref/ShowPremiumHost.html b/docs/wafd/api-ref/ShowPremiumHost.html index 42d1f2c1..2de89c2f 100644 --- a/docs/wafd/api-ref/ShowPremiumHost.html +++ b/docs/wafd/api-ref/ShowPremiumHost.html @@ -3,7 +3,7 @@

    Querying Domain Name Settings in Dedicated Mode

    Function

    This API is used to query domain name settings in dedicated mode.

    -

    URI

    GET /v1/{project_id}/premium-waf/host/{host_id}

    +

    URI

    GET /v1/{project_id}/premium-waf/host/{host_id}

    @@ -120,7 +120,11 @@ - @@ -156,14 +161,20 @@ - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + @@ -299,11 +352,18 @@ + + + +
    Table 1 Path Parameters

    Parameter

    String

    HTTP protocol

    +

    Client protocol, which is the protocol used by a client (for example, a browser) to access your website.

    +

    Enumeration values:

    +

    • HTTPS

      +

    • HTTP

      +

    tls

    @@ -141,7 +145,8 @@

    • cipher_1: ECDHE-ECDSA-AES256-GCM-SHA384:HIGH:!MEDIUM:!LOW:!aNULL:!eNULL:!DES:!MD5:!PSK:!RC4:!kRSA:!SRP:!3DES:!DSS:!EXP:!CAMELLIA:@STRENGTH

    • cipher_2: EECDH+AESGCM:EDH+AESGCM

    • cipher_3: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH

      -

    • cipher_4. ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!EDH n - cipher_default: ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM

      +

    • cipher_4. ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!EDH

      +

    • cipher_default: ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM

    String

    HTTPS certificate ID. It can be obtained by calling the ListCertificates API. n - This parameter is not required when the client protocol is HTTP. n - This parameter is mandatory when the client protocol is HTTPS.

    +

    HTTPS certificate ID. It can be obtained by calling the ListCertificates API.

    +

    • This parameter is not required when the client protocol is HTTP.

      +

    • This parameter is mandatory when the client protocol is HTTPS.

      +

    certificatename

    String

    Certificate name. n - This parameter is not required when the client protocol is HTTP. n - This parameter is mandatory when the client protocol is HTTPS.

    +

    Certificate name.

    +

    • This parameter is not required when the client protocol is HTTP.

      +

    • This parameter is mandatory when the client protocol is HTTPS.

      +

    proxy

    @@ -202,18 +213,18 @@

    timestamp

    +

    access_progress

    Long

    +

    Array of Access_progress objects

    Time a domain name is added to WAF

    +

    Access progress, which is used only for the new console (frontend).

    flag

    Flag object

    Special domain name identifier, which is used to store additional domain name configurations

    +

    Feature switch for configuring compliance certification checks for domain names protected with the dedicated WAF instance.

    block_page

    @@ -225,9 +236,51 @@

    extend

    Map<String,String>

    +

    Extend object

    Extended attribute

    +

    This parameter includes some extended information about the protected domain name.

    +

    traffic_mark

    +

    TrafficMark object

    +

    Traffic identifier

    +

    circuit_breaker

    +

    CircuitBreaker object

    +

    Circuit breaker configuration

    +

    timeout_config

    +

    TimeoutConfig object

    +

    Timeout settings

    +

    web_tag

    +

    String

    +

    website name

    +

    description

    +

    String

    +

    website remarks

    +

    timestamp

    +

    Long

    +

    Creation time.

    weight

    +

    Integer

    +

    This parameter is reserved and can be ignored currently.

    +
    -
    Table 5 Flag

    Parameter

    +
    @@ -311,23 +371,24 @@ - - - - - - @@ -335,7 +396,7 @@
    Table 5 Access_progress

    Parameter

    Type

    pci_3ds

    +

    step

    String

    +

    Integer

    Whether PCI 3DS certification check is enabled for the domain name. Currently, this function is not supported. The default value is false. You can ignore this parameter.

    -

    • true: PCI 3DS check is enabled.

      -

    • false: PCI 3DS check is disenabled.

      +

    Step

    +

    • 1: whitelisting WAF IP addresses.

      +

    • 2: testing WAF.

      +

    • 3:modifying DNS record.

    pci_dss

    +

    status

    String

    +

    Integer

    Whether PCI DDS certification check is enabled for the domain name.

    -

    • true: PCI DDS check is enabled.

      -

    • false: PCI DDS check is disenabled.

      +

    Status. The value can be 0 or 1.

    +

    • 0: The step has not been finished.

      +

    • 1: The step has finished.
    -
    Table 6 BlockPage

    Parameter

    +
    @@ -343,32 +404,39 @@ - - - - - - - -
    Table 6 Flag

    Parameter

    Type

    template

    +

    pci_3ds

    String

    Template name

    +

    Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.

    +

    • true: Enable this check.

      +

    • false: Disable this check.

      +
    +

    Enumeration values:

    +

    • true

      +

    • false

      +

    custom_page

    -

    CustomPage object

    -

    Custom alarm page

    -

    redirect_url

    +

    pci_dss

    String

    Redirection URL

    +

    Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.

    +

    • true: Enable this check.

      +

    • false: Disable this check.

      +
    +

    Enumeration values:

    +

    • true

      +

    • false

      +
    -
    Table 7 CustomPage

    Parameter

    +
    @@ -376,33 +444,69 @@ - - - - - - -
    Table 7 BlockPage

    Parameter

    Type

    status_code

    +

    template

    String

    Status Codes

    +

    Template type. The value can be:

    +

    • default: The default block page is returned when a request is blocked.

      +

    • custom: Your custom block page is returned when a request is blocked.

      +

    • redirect: The request is redirected to the URL you specify.

      +

    content_type

    +

    custom_page

    String

    +

    CustomPage object

    Content type of alarm page

    +

    Custom alarm page

    content

    +

    redirect_url

    String

    Page content

    +

    Redirection URL
    -

    Status code: 400

    -
    Table 8 Response body parameters

    Parameter

    +
    + + + + + + + + + + + + + + + + + +
    Table 8 CustomPage

    Parameter

    +

    Type

    +

    Description

    +

    status_code

    +

    String

    +

    Status Codes

    +

    content_type

    +

    String

    +

    Content type of alarm page

    +

    content

    +

    String

    +

    Page content

    +
    +
    + +
    @@ -410,26 +514,58 @@ - - - -
    Table 9 Extend

    Parameter

    Type

    error_code

    +

    ltsInfo

    String

    Error code

    +

    Details about LTS configuration

    error_msg

    +

    extend

    String

    Error message

    +

    Timeout configuration details.
    -

    Status code: 401

    -
    Table 9 Response body parameters

    Parameter

    +
    + + + + + + + + + + + + + + + + + +
    Table 10 TrafficMark

    Parameter

    +

    Type

    +

    Description

    +

    sip

    +

    Array of strings

    +

    IP tag. HTTP request header field of the original client IP address.

    +

    cookie

    +

    String

    +

    Session tag. This tag is used by known attack source rules to block malicious attacks based on cookie attributes. This parameter must be configured in known attack source rules to block requests based on cookie attributes.

    +

    params

    +

    String

    +

    User tag. This tag is used by known attack source rules to block malicious attacks based on params attributes. This parameter must be configured to block requests based on the params attributes.

    +
    +
    + +
    @@ -437,18 +573,143 @@ - - - - - - + + + + + + + + + + + + + + + + + + + + + + +
    Table 11 CircuitBreaker

    Parameter

    Type

    error_code

    +

    switch

    String

    +

    Boolean

    Error code

    +

    Whether to enable connection protection.

    +

    • true: Enable connection protection.

      +

    • false: Disable the connection protection.

      +

    error_msg

    +

    dead_num

    String

    +

    Integer

    Error message

    +

    502/504 error threshold. 502/504 errors allowed for every 30 seconds.

    +

    dead_ratio

    +

    Number

    +

    A breakdown protection is triggered when the 502/504 error threshold and percentage threshold have been reached.

    +

    block_time

    +

    Integer

    +

    Protection period upon the first breakdown. During this period, WAF stops forwarding client requests.

    +

    superposition_num

    +

    Integer

    +

    The maximum multiplier you can use for consecutive breakdowns. The number of breakdowns are counted from 0 every time the accumulated breakdown protection duration reaches 3,600s. For example, assume that Initial Downtime (s) is set to 180s and Multiplier for Consecutive Breakdowns is set to 3. If the breakdown is triggered for the second time, that is, less than 3, the protection duration is 360s (180s X 2). If the breakdown is triggered for the third or fourth time, that is, equal to or greater than 3, the protection duration is 540s (180s X 3). When the accumulated downtime duration exceeds 1 hour (3,600s), the number of breakdowns are counted from 0.

    +

    suspend_num

    +

    Integer

    +

    Threshold of the number of pending URL requests. Connection protection is triggered when the threshold has been reached.

    +

    sus_block_time

    +

    Integer

    +

    Downtime duration after the connection protection is triggered. During this period, WAF stops forwarding website requests.

    +
    +
    + +
    + + + + + + + + + + + + + + + + + +
    Table 12 TimeoutConfig

    Parameter

    +

    Type

    +

    Description

    +

    connect_timeout

    +

    Integer

    +

    Timeout for WAF to connect to the origin server.

    +

    send_timeout

    +

    Integer

    +

    Timeout for WAF to send requests to the origin server.

    +

    read_timeout

    +

    Integer

    +

    Timeout for WAF to receive responses from the origin server.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 13 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + @@ -456,26 +717,26 @@

    Status code: 500

    -
    Table 14 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message
    Table 10 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -517,7 +778,8 @@ "protect_status" : 1, "access_status" : 0, "certificateid" : "360f992501a64de0a65c50a64d1ca7b3", - "certificatename" : "certificatename75315" + "certificatename" : "certificatename75315", + "web_tag" : "" }

    Status Codes

    diff --git a/docs/wafd/api-ref/ShowPrivacyRule.html b/docs/wafd/api-ref/ShowPrivacyRule.html index 86c44319..cc2007e5 100644 --- a/docs/wafd/api-ref/ShowPrivacyRule.html +++ b/docs/wafd/api-ref/ShowPrivacyRule.html @@ -3,7 +3,7 @@

    Querying a Data Masking Rule by ID

    Function

    This API is used to query a data masking rule by ID.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}

    Table 15 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -30,7 +30,7 @@ - - diff --git a/docs/wafd/api-ref/ShowPunishmentRule.html b/docs/wafd/api-ref/ShowPunishmentRule.html new file mode 100644 index 00000000..ea7ef377 --- /dev/null +++ b/docs/wafd/api-ref/ShowPunishmentRule.html @@ -0,0 +1,280 @@ + + +

    Querying a Known Attack Source Rule by ID

    +

    Function

    This API is used to query a known attack source rule by ID.

    +
    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}

    + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the data masking rule. It can be obtained by calling the ListPrivacyRules API.
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    project_id

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    ID of the known attack source rule. It can be obtained by calling the ListPunishmentRules API.

    +
    +
    + +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    auth token

    +

    Content-Type

    +

    No

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID

    +

    policyid

    +

    String

    +

    Policy ID

    +

    block_time

    +

    Integer

    +

    Block duration, in seconds.

    +

    category

    +

    String

    +

    Type of the know attack source rule.

    +

    Enumeration values:

    +

    • long_ip_block

      +

    • long_cookie_block

      +

    • long_params_block

      +

    • short_ip_block

      +

    • short_cookie_block

      +

    • short_params_block

      +
    +

    description

    +

    String

    +

    Description

    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}?
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "block_time" : 1233,
+  "category" : "long_ip_block",
+  "description" : "demo",
+  "id" : "2c3afdcc982b429da4f72ee483aece3e",
+  "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+  "timestamp" : 1668148186106
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    + +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/ShowValueList.html b/docs/wafd/api-ref/ShowValueList.html new file mode 100644 index 00000000..d80fe246 --- /dev/null +++ b/docs/wafd/api-ref/ShowValueList.html @@ -0,0 +1,285 @@ + + +

    Querying a Reference Table by ID

    +

    Function

    This API is used to query a reference table by ID.

    +
    +

    URI

    GET /v1/{project_id}/waf/valuelist/{table_id}

    + +
    + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    Project ID

    +

    table_id

    +

    Yes

    +

    String

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    User token

    +

    Content-Type

    +

    No

    +

    String

    +

    Content type

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    ID of a reference table

    +

    name

    +

    String

    +

    Reference table name

    +

    type

    +

    String

    +

    The value can be:

    +

    • url

      +

    • params

      +

    • ip

      +

    • cookie

      +

    • referer

      +

    • user-agent

      +

    • header

      +

    • response_code

      +

    • response_header

      +

    • response_body

      +
    +

    timestamp

    +

    String

    +

    Reference table timestamp

    +

    values

    +

    Array of strings

    +

    Value of the reference table

    +

    description

    +

    String

    +

    Reference table description

    +

    producer

    +

    Integer

    +

    This parameter is reserved and can be ignored currently.

    +

    Enumeration values:

    +

    • 1

      +
    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/valuelist/{table_id}?
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "id" : "3978ca9403844a62bbd24bb5b8d16d4e",
+  "name" : "demo2",
+  "type" : "url",
+  "values" : [ "/demo" ],
+  "timestamp" : 1656495488880,
+  "description" : "",
+  "producer" : 1
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/ShowWhiteblackipRule.html b/docs/wafd/api-ref/ShowWhiteblackipRule.html index ed716c88..0da4b985 100644 --- a/docs/wafd/api-ref/ShowWhiteblackipRule.html +++ b/docs/wafd/api-ref/ShowWhiteblackipRule.html @@ -1,9 +1,9 @@ -

    Querying a Blacklist or Whitelist Rule

    +

    Querying a Blacklist Or Whitelist Rule by ID

    Function

    This API is used to query a blacklist or whitelist rule by ID.

    -

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}

    +

    URI

    GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}

    @@ -30,7 +30,7 @@ - - @@ -97,6 +97,13 @@ + + + + - + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the blacklist or whitelist rule. It can be obtained by calling the ListWhiteblackipRules API.

    Rule ID

    name

    +

    String

    +

    Rule name.

    +

    policyid

    String

    @@ -132,7 +139,7 @@

    String

    lacklisted or whitelisted IP addresses

    +

    Blacklisted or whitelisted IP addresses

    white

    @@ -146,6 +153,13 @@

    followed_action_id

    +

    String

    +

    ID of the known attack source rule.

    +
    @@ -233,7 +247,17 @@

    Example Requests

    GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}?
    -

    Example Responses

    None

    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "id" : "5d43af25404341058d5ab17b7ba78b56",
+  "policyid" : "38ff0cb9a10e4d5293c642bc0350fa6d",
+  "timestamp" : 1650531872900,
+  "description" : "demo",
+  "status" : 1,
+  "addr" : "x.x.x.x",
+  "white" : 0
+}

    Status Codes

    Status Code

    diff --git a/docs/wafd/api-ref/UpdateAntiTamperRuleRefresh.html b/docs/wafd/api-ref/UpdateAntiTamperRuleRefresh.html new file mode 100644 index 00000000..f66b8e64 --- /dev/null +++ b/docs/wafd/api-ref/UpdateAntiTamperRuleRefresh.html @@ -0,0 +1,283 @@ + + +

    Updating the Cache for a Web Tamper Protection Rule

    +

    Function

    This API is used to updating the cache for a web tamper protection Rule.

    +
    +

    URI

    POST /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}/refresh

    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    Project ID

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    ID of the web tamper protection rule. It can be obtained by calling the ListAntitamperRules API.

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    User token

    +

    Content-Type

    +

    Yes

    +

    String

    +

    Content type

    +

    Default: application/json;charset=utf8

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID.

    +

    policyid

    +

    String

    +

    Policy ID

    +

    timestamp

    +

    Long

    +

    Timestamp

    +

    description

    +

    String

    +

    Rule description.

    +

    status

    +

    Integer

    +

    Rule status. The value can be:

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +

    hostname

    +

    String

    +

    Websites name protected by the web tamper protection rule, such as www.example.com

    +

    url

    +

    String

    +

    URL for the web tamper protection rule.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    POST https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}/refresh?
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "description" : "",
+  "hostname" : "www.domain.com",
+  "id" : "0f59185b76c143f884d21cd0d88e6fa8",
+  "policyid" : "1f016cde588646aca3fb19f277c44d03",
+  "status" : 1,
+  "timestamp" : 1666506256928,
+  "url" : "/login"
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/UpdateAnticrawlerRule.html b/docs/wafd/api-ref/UpdateAnticrawlerRule.html new file mode 100644 index 00000000..10abf737 --- /dev/null +++ b/docs/wafd/api-ref/UpdateAnticrawlerRule.html @@ -0,0 +1,382 @@ + + +

    Updating a JavaScript Anti-Crawler Rule

    +

    Function

    This API is used to update a JavaScript anti-crawler rule.

    +
    +

    URI

    PUT /v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}

    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    Project ID. To obtain it, go to Cloud management console and hover the cursor over your username. On the displayed window, choose My Credentials. Then, in the Projects area, view Project ID of the corresponding project.

    +

    policy_id

    +

    Yes

    +

    String

    +

    ID of a protection policy. You can specify a protection policy ID to query the rules used in the protection policy. You can obtain the policy ID by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    Rule ID.

    +
    +
    + +
    + + + + + + + + + + + +
    Table 2 Query Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    enterprise_project_id

    +

    No

    +

    String

    +

    You can obtain the ID by calling the ListEnterpriseProject API of EPS.

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 3 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

    +

    Content-Type

    +

    Yes

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 4 Request body parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    url

    +

    Yes

    +

    String

    +

    URL to which the rule applies.

    +

    logic

    +

    Yes

    +

    Integer

    +

    Rule matching logic

    +

    • 1: Include

      +

    • 2: Not include

      +

    • 3: Equal

      +

    • 4: Not equal

      +

    • 5: Prefix is

      +

    • 6: Prefix is not

      +

    • 7: Suffix is

      +

    • 8: Suffix is not

      +
    +

    name

    +

    Yes

    +

    String

    +

    Rule name.

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    policyid

    +

    String

    +

    Policy ID.

    +

    id

    +

    String

    +

    Rule ID.

    +

    url

    +

    String

    +

    URL to which the rule applies.

    +

    logic

    +

    Integer

    +

    Rule matching logic

    +

    • 1: Include

      +

    • 2: Not include

      +

    • 3: Equal

      +

    • 4: Not equal

      +

    • 5: Prefix is

      +

    • 6: Prefix is not

      +

    • 7: Suffix is

      +

    • 8: Suffix is not

      +
    +

    name

    +

    String

    +

    Rule name.

    +

    type

    +

    String

    +

    JavaScript anti-crawler rule type.

    +

    • anticrawler_specific_url: used to protect a specific path specified by the rule.

      +

    • anticrawler_except_url: used to protect all paths except the one specified by the rule.

      +
    +

    timestamp

    +

    Long

    +

    Timestamp the rule is created.

    +

    status

    +

    Integer

    +

    Rule status. The value can be 0 or 1.

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 7 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 8 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    PUT https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/anticrawler/{rule_id}?
+
+{
+  "url" : "/patent/id",
+  "logic" : 3,
+  "name" : "demo"
+}
    +
    +

    Example Responses

    Status code: 200

    +

    ok

    +
    {
+  "id" : "607d14b8153540c0af51a00fe2140d05",
+  "policyid" : "777716e0b7b84b5192b9d373f7c6d4f0",
+  "name" : "demo",
+  "timestamp" : 1675152776784,
+  "status" : 1,
+  "url" : "/patent/id",
+  "logic" : 3,
+  "type" : "anticrawler_except_url"
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    ok

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/UpdateAntileakageRule.html b/docs/wafd/api-ref/UpdateAntileakageRule.html new file mode 100644 index 00000000..3a7409d7 --- /dev/null +++ b/docs/wafd/api-ref/UpdateAntileakageRule.html @@ -0,0 +1,354 @@ + + +

    Updating an Information Leakage Prevention Rule

    +

    Function

    This API is used to update an information leakage prevention rule.

    +
    +

    URI

    PUT /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}

    + +
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    project ID

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    ID of the information leakage protection rule. It can be obtained by calling the ListAntileakageRules API.

    +
    +
    +
    +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    auth token

    +

    Content-Type

    +

    Yes

    +

    String

    +

    Content type.

    +

    Default: application/json;charset=utf8

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Request body parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    url

    +

    Yes

    +

    String

    +

    URL to which the rule applies.

    +

    category

    +

    Yes

    +

    String

    +

    Sensitive information type in the information leakage prevention rule.

    +

    • sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.

      +

    • code: The rule blocks response pages of specified HTTP response code.

      +
    +

    Enumeration values:

    +

    • code

      +

    • sensitive

      +
    +

    contents

    +

    Yes

    +

    Array of strings

    +

    Content corresponding to the sensitive information type. Multiple options can be set.

    +

    • When category is set to code, the pages that contain the following HTTP response codes will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.

      +

    • When category is set to sensitive, parameters phone, id_card, and email can be set.

      +
    +

    description

    +

    No

    +

    String

    +

    Description.

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 4 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID

    +

    url

    +

    String

    +

    URL to which the rule applies.

    +

    category

    +

    String

    +

    Sensitive information type in the information leakage prevention rule.

    +

    • code: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.

      +

    • sensitive: The rule blocks response pages of specified HTTP response code.

      +
    +

    Enumeration values:

    +

    • code

      +

    • sensitive

      +
    +

    contents

    +

    Array of strings

    +

    Value

    +

    description

    +

    String

    +

    Rule description.

    +

    status

    +

    Integer

    +

    Rule status. The value can be:

    +

    • 0: The rule is disabled.

      +

    • 1: The rule is enabled.

      +
    +

    Enumeration values:

    +

    • 0

      +

    • 1

      +
    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 5 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 7 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    PUT https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}?
+
+{
+  "url" : "/login",
+  "category" : "sensitive",
+  "contents" : [ "id_card" ]
+}
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "id" : "82c4f04f84fd4b2b9ba4b4ea0df8ee82",
+  "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+  "timestamp" : 1668152426471,
+  "description" : "demo",
+  "status" : 1,
+  "url" : "/login",
+  "category" : "sensitive",
+  "contents" : [ "id_card" ]
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    +
    +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/UpdateCcRule.html b/docs/wafd/api-ref/UpdateCcRule.html index 62cd1c62..8eb6edc4 100644 --- a/docs/wafd/api-ref/UpdateCcRule.html +++ b/docs/wafd/api-ref/UpdateCcRule.html @@ -3,7 +3,7 @@

    Updating a CC Attack Protection Rule

    Function

    This API is used to update a CC attack protection rule.

    -

    URI

    PUT /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}

    +

    URI

    PUT /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}

    @@ -30,7 +30,7 @@ - - @@ -90,7 +90,127 @@ - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -99,84 +219,11 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Table 1 Path Parameters

    Parameter

    String

    policyid

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    ccRuleId

    +

    ID of the cc rule. It can be obtained by calling the ListCcRules API.

    description

    +

    mode

    +

    Yes

    +

    Integer

    +

    Protection mode of the CC attack protection rule, which corresponds to the Mode field in the Add CC Attack Protection Rule dialog box on the WAF console.

    +

    • 0: standard. Only the protected paths of domain names can be specified.

      +

    • 1: The path, IP address, cookie, header, and params fields can all be set.

      +
    +

    Enumeration values:

    +

    • 0

      +

    • 1

      +
    +

    url

    +

    Yes

    +

    String

    +

    Path to be protected in the CC attack protection rule. This parameter is mandatory when the CC attack protection rule is in standard mode (i.e. the value of mode is 0).

    +

    conditions

    +

    No

    +

    Array of CcCondition objects

    +

    Rate limit conditions of the CC attack protection rule. This parameter is mandatory when the CC attack protection rule is in advanced mode (i.e. the value of mode is 1).

    +

    action

    +

    Yes

    +

    action object

    +

    Protection action to take if the number of requests reaches the upper limit.

    +

    tag_type

    +

    Yes

    +

    String

    +

    Rate limit mode.

    +

    • ip: IP-based rate limiting. Website visitors are identified by IP address.

      +

    • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

      +

    • header: User-based rate limiting. Website visitors are identified by the header field.

      +

    • other: Website visitors are identified by the Referer field (user-defined request source).

      +
    +

    Enumeration values:

    +

    • ip

      +

    • cookie

      +

    • header

      +

    • other

      +
    +

    tag_index

    +

    No

    +

    String

    +

    User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).

    +

    • cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.

      +

    • header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.

      +
    +

    tag_condition

    +

    No

    +

    tag_condition object

    +

    User tag. This parameter is mandatory when the rate limit mode is set to other. - other: A website visitor is identified by the Referer field (user-defined request source).

    +

    limit_num

    +

    Yes

    +

    Integer

    +

    Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647.

    +

    limit_period

    +

    Yes

    +

    Integer

    +

    Rate limit period, in seconds. The value ranges from 1 to 3,600.

    +

    unlock_num

    +

    No

    +

    Integer

    +

    Allowable frequency based on the number of requests. The value ranges from 0 to 2,147,483,647. This parameter is required only when the protection action type is dynamic_block.

    +

    lock_time

    +

    No

    +

    Integer

    +

    Block duration, in seconds. The value ranges from 0 to 65,535. Specifies the period within which access is blocked. An error page is displayed in this period.

    +

    description

    No

    Rule description

    limit_num

    -

    No

    -

    Integer

    -

    Frequency limits

    -

    Minimum: 0

    -

    Maximum: 10000

    -

    limit_period

    -

    No

    -

    Integer

    -

    Frequency limit unit

    -

    Minimum: 0

    -

    Maximum: 10000

    -

    url

    -

    No

    -

    String

    -

    url

    -

    Minimum: 0

    -

    Maximum: 10000

    -

    mode

    -

    No

    -

    Integer

    -

    Work mode. The value can be 0 (standard) or 1 (advanced). The parameters of the advanced mode cannot be described in the same document of the same API. For details, see this parameter on the console page.

    -

    Enumeration values:

    -

    • 0

      -

    • 1

      -
    -

    action

    -

    No

    -

    action object

    -

    Action to take if the number of requests reaches the upper limit.

    -

    tag_type

    -

    No

    -

    String

    -

    Protection mode.

    -

    • ip: A website visitor is identified by the IP address.

      -

    • cookie: A website visitor is identified by the cookie key value.

      -

    • other: A website visitor is identified by the Referer field (user-defined request source).

      -
    -

    Enumeration values:

    -

    • ip

      -

    • other

      -

    • cookie

      -
    -
    -
    Table 4 action

    Parameter

    +
    @@ -188,34 +235,89 @@ - - - + + + + + + + + + + - + + + + +
    Table 4 CcCondition

    Parameter

    Mandatory

    category

    No

    +

    Yes

    String

    Action type:

    -

    • block: WAF blocks discovered attacks.

      -

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      -

    • If tag_type is set to other, the value can only be block.

      +

    Field type. The value can be url, ip, params, cookie, or header.

    +

    Enumeration values:

    +

    • url

      +

    • ip

      +

    • params

      +

    • cookie

      +

    • header

    detail

    +

    logic_operation

    +

    Yes

    +

    String

    +

    Logic for matching the condition.

    +

    • If the category is url, the optional operations are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal and len_not_equal

      +

    • If the category is ip, the optional operations are: equal, not_equal, , equal_any and not_equal_all

      +

    • If the category is params, cookie and header, the optional operations are: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal, len_not_equal, num_greater, num_less, num_equal, num_not_equal, exist and not_exist

      +
    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +
    +

    contents

    +

    No

    +

    Array of strings

    +

    Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all.

    +

    value_list_id

    No

    String

    Action details. If detail is null, the default block page is displayed by default.

    -

    • This parameter cannot be included when category is set to captcha.

      -

    • This parameter is required when category is set to block.

      -
    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type.

    +

    index

    +

    No

    +

    String

    +

    Subfield. When category is set to params, cookie, or header, set this parameter based on site requirements. This parameter is mandatory.
    -
    Table 5 detail

    Parameter

    +
    @@ -225,20 +327,43 @@ - + + + + + - -
    Table 5 action

    Parameter

    Mandatory

    response

    +

    category

    +

    Yes

    +

    String

    +

    Action type:

    +

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      +

    • block: WAF blocks the requests. When tag_type is set to other, the value can only be block.

      +

    • log: WAF logs the event only.

      +

    • dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.

      +
    +

    Enumeration values:

    +

    • captcha

      +

    • block

      +

    • log

      +

    • dynamic_block

      +
    +

    detail

    No

    response object

    +

    detail object

    Returned page.

    +

    Block page information. When protection action category is set to block or dynamic_block, you need to set the returned block page.

    +

    • If you want to use the default block page, this parameter can be excluded.

      +

    • If you want to use a custom block page, set this parameter.

      +
    -
    Table 6 response

    Parameter

    +
    @@ -248,22 +373,82 @@ - - - - +
    Table 6 detail

    Parameter

    Mandatory

    content_type

    +

    response

    No

    String

    +

    response object

    Content type. The value can only be application/json, text/html, or text/xml.

    +

    Returned page.

    content

    +
    +
    + +
    + + + + + + - - - + + + + + + + +
    Table 7 response

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    content_type

    No

    +

    No

    String

    +

    String

    Protection page content.

    +

    Content type. The value can only be application/json, text/html, or text/xml.

    +

    Enumeration values:

    +

    • application/json

      +

    • text/html

      +

    • text/xml

      +
    +

    content

    +

    No

    +

    String

    +

    Protection page content.

    +
    +
    + +
    + + + + + + + + + + + + + + @@ -272,7 +457,7 @@

    Response Parameters

    Status code: 200

    -
    Table 8 tag_condition

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    category

    +

    No

    +

    String

    +

    User identifier. The value is fixed at referer.

    +

    contents

    +

    No

    +

    Array of strings

    +

    Content of the user identifier field.
    Table 7 Response body parameters

    Parameter

    +
    @@ -317,50 +502,84 @@ - - - - - - - - - - - - + + + + + + + + - + + + + + + + + + + + + - - - - - - - - - + + + +
    Table 9 Response body parameters

    Parameter

    Type

    Mode.

    • 0: Standard.

      -

    • 1: Advanced

      +

    • 1: Advanced.

    limit_num

    +

    conditions

    String

    +

    Array of CcCondition objects

    Number of requests allowed from a web visitor in a rate limiting period

    +

    Rate limit conditions of the CC attack protection rule. This parameter is mandatory when the CC attack protection rule is in advanced mode (i.e. the value of mode is 1).

    limit_period

    +

    action

    String

    +

    action object

    Rate limiting period

    -

    lock_time

    -

    String

    -

    How long a web visitor will be locked The value range is [0 to 2^32), in seconds.

    +

    Protection action to take if the number of requests reaches the upper limit.

    tag_type

    String

    Protection mode.

    +

    Rate limit mode.

    • ip: IP-based rate limiting. Website visitors are identified by IP address.

    • cookie: User-based rate limiting. Website visitors are identified by the cookie key value.

      -

    • other: A website visitor is identified by the Referer field (user-defined request source).

      +

    • other: Website visitors are identified by the Referer field (user-defined request source).

      +
    +

    Enumeration values:

    +

    • ip

      +

    • other

      +

    • cookie

      +

    • header

    status

    +

    tag_index

    +

    String

    +

    User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).

    +

    • cookie: Set the cookie field name. You need to configure an attribute variable name in the cookie that can uniquely identify a web visitor based on your website requirements. This field does not support regular expressions. Only complete matches are supported. For example, if a website uses the name field in the cookie to uniquely identify a website visitor, select name.

      +

    • header: Set the user-defined HTTP header you want to protect. You need to configure the HTTP header that can identify web visitors based on your website requirements.

      +
    +

    tag_condition

    +

    tag_condition object

    +

    User tag. This parameter is mandatory when the rate limit mode is set to other. - other: A website visitor is identified by the Referer field (user-defined request source).

    +

    limit_num

    Integer

    Rule status. The value can be 0 or 1.

    -

    • 0: The rule is disabled.

      -

    • 1: The rule is enabled.

      -
    +

    Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647.

    +

    limit_period

    +

    Integer

    +

    Rate limit period, in seconds. The value ranges from 1 to 3,600.

    +

    unlock_num

    +

    Integer

    +

    Allowable frequency based on the number of requests. The value ranges from 0 to 2,147,483,647. This parameter is required only when the protection action type is dynamic_block.

    +

    lock_time

    +

    Integer

    +

    Block duration, in seconds. The value ranges from 0 to 65,535. The period within which access is blocked. An error page is displayed in this period.

    description

    @@ -370,32 +589,39 @@

    Rule description

    action

    +

    total_num

    action object

    +

    Integer

    Action to take if the number of requests reaches the upper limit.

    +

    This parameter is reserved and can be ignored currently.

    conditions

    +

    unaggregation

    Array of conditions objects

    +

    Boolean

    Condition list. This parameter is returned when mode is set to 1.

    +

    This parameter is reserved and can be ignored currently.

    timestamp

    +

    aging_time

    Long

    +

    Integer

    Time the rule is created.

    +

    Rule aging time. This parameter is reserved and can be ignored currently.

    +

    producer

    +

    Integer

    +

    Rule creation object. This parameter is reserved and can be ignored currently.
    -
    Table 8 action

    Parameter

    +
    @@ -407,28 +633,77 @@ - - - + + + + + + + + + + + +
    Table 10 CcCondition

    Parameter

    Type

    String

    Action type:

    -

    • block: WAF blocks discovered attacks.

      -

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      -

    • If tag_type is set to other, the value can only be block.

      +

    Field type. The value can be url, ip, params, cookie, or header.

    +

    Enumeration values:

    +

    • url

      +

    • ip

      +

    • params

      +

    • cookie

      +

    • header

    detail

    +

    logic_operation

    String

    Action details. If detail is null, the default block page is displayed by default.

    -

    • This parameter cannot be included when category is set to captcha.

      -

    • This parameter is required when category is set to block.

      +

    Logic for matching the condition.

    +

    • If the category is url, the optional operations are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal and len_not_equal

      +

    • If the category is ip, the optional operations are: equal, not_equal, , equal_any and not_equal_all

      +

    • If the category is params, cookie and header, the optional operations are: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal, len_not_equal, num_greater, num_less, num_equal, num_not_equal, exist and not_exist

    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +
    +

    contents

    +

    Array of strings

    +

    Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all.

    +

    value_list_id

    +

    String

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type.

    +

    index

    +

    String

    +

    Subfield. When category is set to params, cookie, or header, set this parameter based on site requirements. This parameter is mandatory.
    -
    Table 9 detail

    Parameter

    +
    @@ -436,18 +711,39 @@ - - - + + + +
    Table 11 action

    Parameter

    Type

    response

    +

    category

    response object

    +

    String

    Returned page.

    +

    Action type:

    +

    • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

      +

    • block: WAF blocks the requests. When tag_type is set to other, the value can only be block.

      +

    • log: WAF logs the event only.

      +

    • dynamic_block: In the previous rate limit period, if the request frequency exceeds the value of Rate Limit Frequency, the request is blocked. In the next rate limit period, if the request frequency exceeds the value of Permit Frequency, the request is still blocked. Note: The dynamic_block protection action can be set only when the advanced protection mode is enabled for the CC protection rule.

      +
    +

    Enumeration values:

    +

    • captcha

      +

    • block

      +

    • log

      +

    • dynamic_block

      +
    +

    detail

    +

    detail object

    +

    Block page information. When protection action category is set to block or dynamic_block, you need to set the returned block page.

    +

    • If you want to use the default block page, this parameter can be excluded.

      +

    • If you want to use a custom block page, set this parameter.

      +
    -
    Table 10 response

    Parameter

    +
    @@ -455,25 +751,18 @@ - - - - - - -
    Table 12 detail

    Parameter

    Type

    content_type

    +

    response

    String

    +

    response object

    Content type. The value can only be application/json, text/html, or text/xml.

    -

    content

    -

    String

    -

    Contents

    +

    Block Page
    -
    Table 11 conditions

    Parameter

    +
    @@ -481,39 +770,49 @@ - - - - - - - - - +
    Table 13 response

    Parameter

    Type

    category

    +

    content_type

    String

    Field type. The options are as follows: ip, cookie, and url

    -

    index

    -

    String

    -

    Parameter description:

    -

    • When the field type is ip or url, the index parameter is not required.

      -

    • When the field type is cookie and the subfield is customized, the value of index is the customized subfield.

      +

    Content type. The value can only be application/json, text/html, or text/xml.

    +

    Enumeration values:

    +

    • application/json

      +

    • text/html

      +

    • text/xml

    logic_operation

    +

    content

    String

    Condition matching logic. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, equal_any, and not_equal_any, contain_any, and not_contain_any.

    -

    • When the field type is url, the following matching logics are supported: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix.

      -

    • When the field type is ip, the following matching logics are supported: equal, not_equal, equal_any, and not_equal_any.

      -

    • When category is set to cookie, the following matching logics are supported: contain, not_contain, equal, not_equal. prefix, not_prefix, suffix, not_suffix, contain_any, and not_contain_any.

      -
    +

    Block page information.

    contents

    +
    +
    + +
    + + + + + - - + + + + @@ -521,26 +820,26 @@

    Status code: 400

    -
    Table 14 tag_condition

    Parameter

    +

    Type

    +

    Description

    +

    category

    Array of strings

    +

    String

    Content of the conditions.

    +

    User identifier. The value is fixed at referer.

    +

    contents

    +

    Array of strings

    +

    Content of the user identifier field.
    Table 12 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -548,26 +847,26 @@

    Status code: 401

    -
    Table 15 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    - + + + + @@ -491,43 +609,41 @@

    Example Requests

    PUT https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}?
 
 {
-    "description": "",
-    "action": {
-        "category": "block"
-    },
-    "priority": 50,
-    "conditions": [
-        {
-            "category": "header",
-            "logic_operation": "contain",
-            "index": "demo2"
-            "content" ["demo"]
-        }
-    ],
-    ],
-    "time": false
+  "action" : {
+    "category" : "block"
+  },
+  "time" : false,
+  "priority" : 50,
+  "description" : "",
+  "conditions" : [ {
+    "category" : "url",
+    "logic_operation" : "contain",
+    "index" : null,
+    "contents" : [ "test" ]
+  } ]
 }

    Example Responses

    Status code: 200

    Request succeeded.

    {
+  "id" : "88e8bf4158324b2d9a233e7ffb95516d",
+  "policyid" : "dde63c25e8394b21b16a2a49a99e659b",
+  "timestamp" : 1678799936830,
+  "description" : "",
+  "status" : 1,
+  "time" : false,
+  "priority" : 50,
+  "action_mode" : false,
+  "conditions" : [ {
+    "category" : "url",
+    "contents" : [ "test" ],
+    "logic_operation" : "contain"
+  } ],
   "action" : {
     "category" : "block"
   },
-  "action_mode" : false,
-  "aging_time" : 0,
-  "conditions" : [ {
-    "category" : "header",
-    "index" : "demo2",
-    "logic_operation" : "contain",
-    "content" : [ "demo" ]
-  } ],
-  "description" : "",
-  "id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
-  "policyid" : "1f016cde588646aca3fb19f277c44d03",
-  "priority" : 50,
-  "status" : 1,
-  "time" : false
+  "producer" : 1,
+  "aging_time" : 0
 }

    Status Codes

    diff --git a/docs/wafd/api-ref/UpdateGeoipRule.html b/docs/wafd/api-ref/UpdateGeoipRule.html index e2442f7f..4ebf3465 100644 --- a/docs/wafd/api-ref/UpdateGeoipRule.html +++ b/docs/wafd/api-ref/UpdateGeoipRule.html @@ -3,7 +3,7 @@

    Updating a Geolocation Access Control Rule

    Function

    This API is used to update a geolocation access control rule.

    -

    URI

    PUT /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}

    +

    URI

    PUT /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}

    Table 13 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -575,26 +874,26 @@

    Status code: 500

    -
    Table 16 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -371,7 +442,34 @@ - + + + +
    Table 14 Response body parameters

    Parameter

    +
    - - - - - - - - @@ -618,7 +917,6 @@

    Example Responses

    Status code: 200

    Request succeeded.

    {
-  "aging_time" : 0,
   "description" : "",
   "id" : "a5f3fd28db564696b199228f0ac346b2",
   "limit_num" : 10,
@@ -630,7 +928,9 @@
   "status" : 1,
   "tag_type" : "ip",
   "total_num" : 0,
+  "aging_time" : 0,
   "unaggregation" : false,
+  "producer" : 1,
   "url" : "/path1"
 }
    diff --git a/docs/wafd/api-ref/UpdateCustomRule.html b/docs/wafd/api-ref/UpdateCustomRule.html index 80280028..87252da1 100644 --- a/docs/wafd/api-ref/UpdateCustomRule.html +++ b/docs/wafd/api-ref/UpdateCustomRule.html @@ -3,7 +3,7 @@

    Updating a Precise Protection Rule

    Function

    This API is used to update a precise protection rule.

    -

    URI

    PUT /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}

    +

    URI

    PUT /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}

    Table 17 Response body parameters

    Parameter

    Type

    +

    Type

    Description

    +

    Description

    error_code

    +

    error_code

    String

    +

    String

    Error code

    +

    Error code

    error_msg

    +

    error_msg

    String

    +

    String

    Error message

    +

    Error message
    @@ -30,7 +30,7 @@ - - @@ -92,7 +92,7 @@ - @@ -140,7 +140,7 @@ - @@ -149,7 +149,7 @@ - @@ -177,6 +177,18 @@ @@ -197,7 +209,37 @@ - - - @@ -234,14 +276,29 @@ + + + + + - @@ -303,13 +360,6 @@ - - - - + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID. It can be obtained by calling the API Querying Protection Policies.

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    rule id

    +

    ID of the precise protection rule. It can be obtained by calling the ListCustomeRules API.

    time

    No

    +

    Yes

    Boolean

    action

    No

    +

    Yes

    CustomAction object

    priority

    No

    +

    Yes

    Integer

    String

    Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request.

    +

    Enumeration values:

    +

    • url

      +

    • user-agent

      +

    • referer

      +

    • ip

      +

    • method

      +

    • request_line

      +

    • request

      +

    • params

      +

    • cookie

      +

    • header

      +

    index

    @@ -187,7 +199,7 @@

    Subfield

    • When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.

      -

    • If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

      +

    • When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

    String

    Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.

    +

    Logic for matching the condition.

    +

    • If the category is url, user-agent or referer , the optional operations are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal and len_not_equal

      +

    • If the category is ip, the optional operations are: equal, not_equal, , equal_any and not_equal_all

      +

    • If the category is method, the optional operations are: equal and not_equal

      +

    • If the category is request_line and request, the optional operations are: len_greater, len_less, len_equal and len_not_equal

      +

    • If the category is params, header, and cookie, the optional operations are: contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, not_suffix, contain_any, not_contain_all, equal_any, not_equal_all, equal_any, not_equal_all, prefix_any, not_prefix_all, suffix_any, not_suffix_all, len_greater, len_less, len_equal, len_not_equal, num_greater, num_less, num_equal, num_not_equal, exist and not_exist

      +
    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +

    contents

    @@ -206,7 +248,7 @@

    Array of strings

    Condition content for matching the rule

    +

    Content of the conditions. This parameter is mandatory when the suffix of logic_operation is not any or all.

    value_list_id

    @@ -215,7 +257,7 @@

    String

    ID of the reference table

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is mandatory when the suffix of logic_operation is any or all. The reference table type must be the same as the category type.

    category

    Yes

    +

    String

    +

    Operation type

    +

    • block: WAF blocks attacks.

      +

    • pass: WAF allows requests.

      +

    • log: WAF only logs detected attacks.

      +
    +

    Enumeration values:

    +

    • block

      +

    • pass

      +

    • log

      +
    +

    followed_action_id

    +

    No

    String

    Action type.

    -

    • block: WAF blocks attacks.

      -

    • pass: WAF allows requests.

      -
    +

    ID of a known attack source rule. This parameter can be configured only when category is set to block.

    Protective action of the precise protection rule.

    action_mode

    -

    Boolean

    -

    This parameter is reserved and can be ignored.

    -

    priority

    Integer

    @@ -338,6 +388,27 @@

    Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.

    action_mode

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    +

    aging_time

    +

    Integer

    +

    Rule aging time. This parameter is reserved and can be ignored currently.

    +

    producer

    +

    Integer

    +

    Rule creation object. This parameter is reserved and can be ignored currently.

    +
    @@ -363,7 +434,7 @@

    Subfield

    • When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.

      -

    • If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

      +

    • When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.

    String

    Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.

    +

    Logic for matching the condition.

    +

    Enumeration values:

    +

    • contain

      +

    • not_contain

      +

    • equal

      +

    • not_equal

      +

    • prefix

      +

    • not_prefix

      +

    • suffix

      +

    • not_suffix

      +

    • contain_any

      +

    • not_contain_all

      +

    • equal_any

      +

    • not_equal_all

      +

    • prefix_any

      +

    • not_prefix_all

      +

    • suffix_any

      +

    • not_suffix_all

      +

    • len_greater

      +

    • len_less

      +

    • len_equal

      +

    • num_greater

      +

    • num_less

      +

    • num_equal

      +

    • num_not_equal

      +

    • exist

      +

    • not_exist

      +

    contents

    @@ -381,6 +479,13 @@

    Content of the conditions.

    value_list_id

    +

    String

    +

    Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is available only when a reference table is used when a protection rule is created.

    +
    @@ -397,10 +502,23 @@

    String

    Action type.

    -

    • block: WAF blocks attacks.

      -

    • pass: WAF allows requests.

      +

    Operation type

    +

    • block: WAF blocks attacks.

      +

    • pass: WAF allows requests.

      +

    • log: WAF only logs detected attacks.

    +

    Enumeration values:

    +

    • block

      +

    • pass

      +

    • log

      +
    +

    followed_action_id

    +

    String

    +

    ID of a known attack source rule. This parameter can be configured only when category is set to block.
    @@ -30,7 +30,7 @@ - - @@ -118,6 +118,7 @@

  • South Africa: South Africa

  • Mexico: Mexico

  • Peru: Peru

    +

  • For more geographical location codes, see "Appendix - Geographic Location Codes."

    • @@ -134,6 +135,15 @@ + + + + + + + + + + + + + @@ -334,6 +359,7 @@ "policyid" : "38ff0cb9a10e4d5293c642bc0350fa6d", "name" : "demo", "description" : "demo", + "geoTagList" : [ "BR" ], "geoip" : "BR", "white" : 1 } diff --git a/docs/wafd/api-ref/UpdateIgnoreRule.html b/docs/wafd/api-ref/UpdateIgnoreRule.html new file mode 100644 index 00000000..717b7b2b --- /dev/null +++ b/docs/wafd/api-ref/UpdateIgnoreRule.html @@ -0,0 +1,545 @@ + + +

    Updating a Global Protection Whitelist (False Alarm Masking) Rule

    +

    Function

    This API is used to update a global protection whitelist (false alarm masking) rule.

    +
    +

    URI

    PUT /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}

    + +
    Table 1 Path Parameters

    Parameter

    String

    Policy ID

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    rule_id

    @@ -39,7 +39,7 @@

    String

    Rule ID

    +

    ID of the geolocation access control rule. It can be obtained by calling the ListGeoipRules API.

    name

    +

    No

    +

    String

    +

    Rule name. Currently, the console does not support configuring names for geolocation access control rule. Ignore this parameter.

    +

    description

    No

    @@ -171,6 +181,20 @@

    Policy ID

    name

    +

    String

    +

    Rule name. Currently, the console does not support configuring names for geolocation access control rule. Ignore this parameter.

    +

    geoTagList

    +

    Array of strings

    +

    List of geographical locations hit the geolocation access control rule.

    +

    geoip

    String

    @@ -197,6 +221,7 @@

  • South Africa: South Africa

  • Mexico: Mexico

  • Peru: Peru

    +

  • For more geographical location codes, see "Appendix - Geographic Location Codes."

    		•
    + + + + + + + + + + + + + + + + + + + + + +
    Table 1 Path Parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    project_id

    +

    Yes

    +

    String

    +

    Project ID

    +

    policy_id

    +

    Yes

    +

    String

    +

    Policy ID. It can be obtained by calling the ListPolicy API.

    +

    rule_id

    +

    Yes

    +

    String

    +

    ID of the false alarm masking rule. It can be obtained by calling the ListIgnoreRules API.

    +
    +
    + +

    Request Parameters

    +
    + + + + + + + + + + + + + + + + +
    Table 2 Request header parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    X-Auth-Token

    +

    Yes

    +

    String

    +

    User token

    +

    Content-Type

    +

    No

    +

    String

    +

    Content type

    +

    Default: application/json;charset=utf8

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 3 Request body parameters

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    domain

    +

    Yes

    +

    Array of strings

    +

    Domain names to be protected. If the array length is 0, this rule will take effect for all domain names that are protected by the policies this rule belongs to.

    +

    conditions

    +

    Yes

    +

    Array of CreateCondition objects

    +

    Condition list

    +

    mode

    +

    Yes

    +

    Integer

    +

    The value is fixed at 1, indicating v2 false alarm masking rules.

    +

    rule

    +

    Yes

    +

    String

    +

    Items to be masked. You can provide multiple items and separate them with semicolons (;).

    +

    • If you want to disable a specific built-in rule for a domain name, the value of this parameter is the rule ID. When requests are blocked against a certain built-in rule while you do not want this rule to block requests later, you can query the rule in the Events page on the console and find its rule ID in the Hit Rule column. Then, you can disk the rule by its ID (including 6 digits).

      +

    • If you want to mask a type of basic web protection rules, set this parameter to the name of the type of basic web protection rules. xss: XSS attacks webshell: Web shells vuln: Other types of attacks sqli: SQL injection attack robot: Malicious crawlers rfi: Remote file inclusion lfi: Local file inclusion cmdi: Command injection attack

      +

    • To bypass the basic web protection, set this parameter to all.

      +

    • To bypass all WAF protection, set this parameter to bypass.

      +
    +

    advanced

    +

    No

    +

    Array of Advanced objects

    +

    To ignore attacks of a specific field, specify the field in the Advanced settings area. After you add the rule, WAF will stop blocking attacks of the specified field. This parameter is not included if all modules are bypassed.

    +

    description

    +

    No

    +

    String

    +

    Description of the rule

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 4 CreateCondition

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    category

    +

    No

    +

    String

    +

    Field type. The value can be url, ip, params, cookie, or header.

    +

    Enumeration values:

    +

    • url

      +

    • ip

      +

    • params

      +

    • cookie

      +

    • header

      +
    +

    contents

    +

    No

    +

    Array of strings

    +

    Content. The array length is limited to 1. The content format varies depending on the field type. For example, if the field type is ip, the value must be an IP address or IP address range. If the field type is url, the value must be in the standard URL format. IF the field type is params, cookie, or header, the content format is not limited.

    +

    logic_operation

    +

    No

    +

    String

    +

    The matching logic varies depending on the field type. For example, if the field type is ip, the logic can be equal or not_equal. If the field type is url, params, cookie, or header, the logic can be equal, not_equal, contain, not_contain, prefix, not_prefix, suffix, not_suffix.

    +

    index

    +

    No

    +

    String

    +

    If the field type is ip and the subfield is the client IP address, the index parameter is not required. If the subfield type is X-Forwarded-For, the value is x-forwarded-for; If the field type is params, header, or cookie, and the subfield is user-defined, the value of index is the user-defined subfield.

    +
    +
    + +
    + + + + + + + + + + + + + + + + +
    Table 5 Advanced

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    index

    +

    No

    +

    String

    +

    Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.

    +

    • When you select Params, Cookie, or Header, you can set this parameter to all or configure subfields as required.

      +

    • When you select Body or Multipart, set this parameter to all.

      +
    +

    contents

    +

    No

    +

    Array of strings

    +

    Subfield of the specified field type. The default value is all.

    +
    +
    +
    +

    Response Parameters

    Status code: 200

    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 6 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    id

    +

    String

    +

    Rule ID

    +

    policyid

    +

    String

    +

    Policy ID

    +

    rule

    +

    String

    +

    Items to be masked. You can provide multiple items and separate them with semicolons (;).

    +

    • If you want to disable a specific built-in rule for a domain name, the value of this parameter is the rule ID. When requests are blocked against a certain built-in rule while you do not want this rule to block requests later, you can query the rule in the Events page on the console and find its rule ID in the Hit Rule column. Then, you can disk the rule by its ID (including 6 digits).

      +

    • If you want to mask a type of basic web protection rules, set this parameter to the name of the type of basic web protection rules. xss: XSS attacks webshell: Web shells vuln: Other types of attacks sqli: SQL injection attack robot: Malicious crawlers rfi: Remote file inclusion lfi: Local file inclusion cmdi: Command injection attack

      +

    • To bypass the basic web protection, set this parameter to all.

      +

    • To bypass all WAF protection, set this parameter to bypass.

      +
    +

    mode

    +

    Integer

    +

    The value is fixed at 1, indicating v2 false alarm masking rules are used.

    +

    conditions

    +

    Array of Condition objects

    +

    Condition list

    +

    advanced

    +

    Array of Advanced objects

    +

    Advanced settings

    +

    domain

    +

    Array of strings

    +

    Domain names to be protected. If the array length is 0, this rule will take effect for all domain names that are protected by the policies this rule belongs to.

    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 7 Condition

    Parameter

    +

    Type

    +

    Description

    +

    category

    +

    String

    +

    Field type. The value can be ip, url, params, cookie, or header.

    +

    contents

    +

    Array of strings

    +

    Content. The array length must be 1. The content format varies depending on field types. For example, if the field type is ip, the value must be an IP address or IP address range. If the field type is url, the value must be a URL in standard format. If the field type is params, cookie, or header, the content format is not limited.

    +

    logic_operation

    +

    String

    +

    The matching logic varies depending on the field type. For example, if the field type is ip, the logic can be equal or not_equal. If the field type is url, params, cookie, or header, the logic can be equal, not_equal, contain, not_contain, prefix, not_prefix, suffix, not_suffix.

    +

    check_all_indexes_logic

    +

    Integer

    +

    This parameter is reserved and can be ignored.

    +

    index

    +

    String

    +

    If the field type is ip and the subfield is the client IP address, the index parameter does not exist. If the subfield type is X-Forwarded-For, the value is x-forwarded-for. If the field type is params, header, or cookie, and the subfield is user-defined, the value of index is the user-defined subfield.

    +
    +
    + +
    + + + + + + + + + + + + + +
    Table 8 Advanced

    Parameter

    +

    Type

    +

    Description

    +

    index

    +

    String

    +

    Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.

    +

    • When you select Params, Cookie, or Header, you can set this parameter to all or configure subfields as required.

      +

    • When you select Body or Multipart, set this parameter to all.

      +
    +

    contents

    +

    Array of strings

    +

    Subfield of the specified field type. The default value is all.

    +
    +
    +

    Status code: 400

    + +
    + + + + + + + + + + + + + +
    Table 9 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 10 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 11 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +
    +

    Example Requests

    PUT https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}?
+
+{
+  "domain" : [ "www.example.com" ],
+  "mode" : 1,
+  "description" : "",
+  "conditions" : [ {
+    "category" : "ip",
+    "logic_operation" : "equal",
+    "index" : null,
+    "contents" : [ "x.x.x.x" ]
+  } ],
+  "rule" : "006602"
+}
    +
    +

    Example Responses

    Status code: 200

    +

    Request succeeded.

    +
    {
+  "id" : "40484384970948d79fffe4e4ae1fc54d",
+  "policyid" : "f385eceedf7c4c34a4d1def19eafbe85",
+  "timestamp" : 1650512535222,
+  "description" : "demo",
+  "status" : 1,
+  "rule" : "006602",
+  "mode" : 1,
+  "conditions" : [ {
+    "category" : "ip",
+    "contents" : [ "x.x.x.x" ],
+    "logic_operation" : "equal"
+  } ],
+  "domain" : [ "www.example.com" ]
+}
    +
    +

    Status Codes

    +
    + + + + + + + + + + + + + + + + +

    Status Code

    +

    Description

    +

    200

    +

    Request succeeded.

    +

    400

    +

    Request failed.

    +

    401

    +

    The token does not have required permissions.

    +

    500

    +

    Internal server error.

    +
    +
    +
    +

    Error Codes

    See Error Codes.

    +
    + +
    +
    +
    Parent topic: Rule Management
    +
    +
    + diff --git a/docs/wafd/api-ref/UpdatePolicy.html b/docs/wafd/api-ref/UpdatePolicy.html index 82911059..cc0a913a 100644 --- a/docs/wafd/api-ref/UpdatePolicy.html +++ b/docs/wafd/api-ref/UpdatePolicy.html @@ -3,7 +3,7 @@

    Updating a Policy

    Function

    This API is used to update a policy. The request body can contain only the part to be updated.

    -

    URI

    PATCH /v1/{project_id}/waf/policy/{policy_id}

    +

    URI

    PATCH /v1/{project_id}/waf/policy/{policy_id}

    @@ -108,6 +108,15 @@ + + + + + - - - - - - @@ -279,7 +276,7 @@ - + + + + + - + + + + + - - - + + +
    Table 1 Path Parameters

    Parameter

    PolicyOption

    robot_action

    +

    No

    +

    Action object

    +

    Feature-based anti-crawler protection mode. This parameter is unavailable for newly created protection policies. The default protection mode is Log only.

    +

    level

    No

    @@ -207,21 +216,9 @@

    Boolean

    Whether anti-crawler protection is enabled. Anti-crawler protection includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    -

    • true: enabled

      -

    • false: disabled

      -
    -

    crawler

    -

    No

    -

    Boolean

    -

    Whether feature-based anti-crawler is enabled. This parameter is fixed at true.

    -

    • true: enabled

      -

    • false: disabled

      +

    JavaScript anti-crawler function.

    +

    • true: Enabled

      +

    • false: Disabled

    Boolean

    Whether other crawler check is enabled. The value can be:

    +

    Whether webshell check is enabled. The value can be:

    • true: enabled

    • false: disabled

    @@ -381,13 +378,37 @@

    followed_action

    +

    No

    +

    Boolean

    +

    Whether the Known Attack Source protection is enabled.. The value can be:

    +

    • true: enabled

      +

    • false: disabled

      +
    +

    bot_enable

    No

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    Feature-based anti-crawler. This feature includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    +

    • true: Enabled

      +

    • false: Disabled

      +
    +

    crawler

    +

    No

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    precise

    @@ -396,16 +417,50 @@

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    followed_action

    +

    modulex_enabled

    No

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    +

    Enumeration values:

    +

    • true

      +

    • false

      +
    +
    +
    + +
    + + + + + + + + + @@ -414,7 +469,7 @@

    Response Parameters

    Status code: 200

    -
    Table 6 Action

    Parameter

    +

    Mandatory

    +

    Type

    +

    Description

    +

    category

    +

    No

    +

    String

    +

    Protective action for feature-based anti-crawler rules:

    +

    • log: WAF only logs discovered attacks.

      +

    • block: WAF blocks discovered attacks.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    Table 6 Response body parameters

    Parameter

    +
    @@ -456,7 +511,7 @@ @@ -478,6 +533,41 @@ + + + + + + + + + + + + + + + + + + + + - - - -
    Table 7 Response body parameters

    Parameter

    Type

    Protection level

    • 1: WAF detects wget, cURL, and more but does not detect XSS and command injection attacks in the header, so you may miss more vulnerabilities that actually exist. If you find out that configured protection rules are affecting your services, adjust the protection level to 1.

      -

    • 2: WAF detects remote file inclusion, third-party software vulnerabilities, web shell, and cp and ftp commands. This is the default value.

      +

    • 2: WAF detects remote file inclusion, third-party software vulnerabilities, web shell and ftp commands. This is the default value.

    • 3: If you need a stricter protection level, set this parameter to 3. This may increase the false positive rate but decrease the false negative rate, such as nc, nmap, and kill.

    Basic information about the protected domain.

    hosts

    +

    Array of strings

    +

    Array of IDs of protected domain names. The ID of a protected domain name is unique and generated by WAF when you add the domain name to WAF. To obtain the IDs, call the API Querying Domain Names Protected by Dedicated WAF Engines. To add a domain name to WAF, call the API Adding a Protected Domain Name.

    +

    robot_action

    +

    Action object

    +

    Feature-based anti-crawler protection mode. This parameter is unavailable for newly created protection policies. The default protection mode is Log only.

    +

    extend

    +

    PolicyExtend object

    +

    Switch for enabling or disabling Deep Inspection and Header Inspection in Basic Web Protection.

    +

    share_info

    +

    ShareInfo object

    +

    Whether to share a policy. This parameter is reserved and can be ignored currently.

    +

    modulex_options

    +

    ModulexOptions object

    +

    Whether to enable intelligent CC protection. This parameter is reserved and can be ignored currently.

    +

    timestamp

    Integer

    @@ -485,18 +575,11 @@

    Time a policy is created

    extend

    -

    Map<String,String>

    -

    Extended field

    -
    -
    Table 7 PolicyAction

    Parameter

    +
    @@ -522,7 +605,7 @@
    Table 8 PolicyAction

    Parameter

    Type

    -
    Table 8 PolicyOption

    Parameter

    +
    @@ -554,19 +637,9 @@ - - - - - @@ -614,7 +687,7 @@ - + + + + - + + + + - - -
    Table 9 PolicyOption

    Parameter

    Type

    Boolean

    Whether anti-crawler protection is enabled. Anti-crawler protection includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    -

    • true: enabled

      -

    • false: disabled

      -
    -

    crawler

    -

    Boolean

    -

    Whether feature-based anti-crawler is enabled. This parameter is fixed at true.

    -

    • true: enabled

      -

    • false: disabled

      +

    JavaScript anti-crawler function.

    +

    • true: Enabled

      +

    • false: Disabled

    Boolean

    Whether other crawler check is enabled. The value can be:

    +

    Whether webshell check is enabled. The value can be:

    • true: enabled

    • false: disabled

    @@ -700,32 +773,56 @@

    followed_action

    +

    Boolean

    +

    Whether the Known Attack Source protection is enabled.. The value can be:

    +

    • true: enabled

      +

    • false: disabled

      +
    +

    bot_enable

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    Feature-based anti-crawler. This feature includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

    +

    • true: Enabled

      +

    • false: Disabled

      +
    +

    crawler

    +

    Boolean

    +

    This parameter is reserved and can be ignored currently.

    precise

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    followed_action

    +

    modulex_enabled

    Boolean

    This parameter is redundant in this version. It will be used in the later versions.

    +

    This parameter is reserved and can be ignored currently.

    +

    Enumeration values:

    +

    • true

      +

    • false

      +
    -
    Table 9 BindHost

    Parameter

    +
    @@ -757,9 +854,34 @@
    Table 10 BindHost

    Parameter

    Type
    -

    Status code: 400

    -
    Table 10 Response body parameters

    Parameter

    +
    + + + + + + + + + +
    Table 11 Action

    Parameter

    +

    Type

    +

    Description

    +

    category

    +

    String

    +

    Protective action for feature-based anti-crawler rules:

    +

    • log: WAF only logs discovered attacks.

      +

    • block: WAF blocks discovered attacks.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +
    +
    + +
    @@ -767,26 +889,55 @@ - - - - - -
    Table 12 PolicyExtend

    Parameter

    Type

    error_code

    +

    extend

    String

    Error code

    -

    error_msg

    -

    String

    -

    Error message

    +

    Protection statuses for advanced settings in basic web protection. By default, this parameter is left blank, and the Deep Inspection and Header Inspection are disabled.

    +

    • If deep_decode is set to true, the Deep Inspection is enabled.

      +

    • If check_all_headers is set to true, the Header Inspection is enabled.

      +

    • If deep_decode and check_all_headers are set to false, the Deep Inspection and Header Inspection are disabled.

      +
    -

    Status code: 401

    -
    Table 11 Response body parameters

    Parameter

    +
    + + + + + + + + + + + + + + + + + +
    Table 13 ShareInfo

    Parameter

    +

    Type

    +

    Description

    +

    share_count

    +

    Integer

    +

    Total number of the users who share the address group.

    +

    accept_count

    +

    Integer

    +

    Number of users who accept the sharing

    +

    process_status

    +

    Integer

    +

    Status

    +
    +
    + +
    @@ -794,26 +945,150 @@ - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Table 14 ModulexOptions

    Parameter

    Type

    error_code

    +

    global_rate_enabled

    String

    +

    Boolean

    Error code

    +

    Status of the global rate limiting function (counting requests to all WAF instances when limiting traffic).

    +

    • false: Disabled.

      +

    • true: Enabled.

      +

    error_msg

    +

    global_rate_mode

    String

    Error message

    +

    Protection mode of the global rate limiting function.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_enabled

    +

    Boolean

    +

    Status of the intelligent precise protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    precise_rules_mode

    +

    String

    +

    Protection mode of the intelligent precise protection.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    precise_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent precise protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent precise protection.

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    precise_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent precise protection.

    +

    cc_rules_enabled

    +

    Boolean

    +

    Status of the intelligent CC attack protection.

    +

    • false: Disabled.

      +

    • true: Enabled.

      +
    +

    cc_rules_mode

    +

    String

    +

    Protection mode of the intelligent CC attack protection rule.

    +

    • log: WAF logs the event only.

      +

    • block: WAF blocks requests.

      +
    +

    Enumeration values:

    +

    • log

      +

    • block

      +
    +

    cc_rules_managed_mode

    +

    String

    +

    Management mode of the intelligent CC attack protection.

    +

    • auto: WAF manages automatically generated rules.

      +

    • manual: You can manage rules that are automatically generated by WAF.

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_aging_mode

    +

    String

    +

    Aging mode of the intelligent CC attack protection..

    +

    • manual: You can customize the maximum age of the rule.

      +

    • auto: Automatic

      +
    +

    Enumeration values:

    +

    • auto

      +
    +

    cc_rules_retention

    +

    Integer

    +

    Maximum age of the intelligent CC attack protection.
    -

    Status code: 500

    +

    Status code: 400

    -
    Table 12 Response body parameters

    Parameter

    +
    @@ -838,6 +1113,60 @@
    Table 15 Response body parameters

    Parameter

    Type
    +

    Status code: 401

    + +
    + + + + + + + + + + + + + +
    Table 16 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +
    +

    Status code: 500

    + +
    + + + + + + + + + + + + + +
    Table 17 Response body parameters

    Parameter

    +

    Type

    +

    Description

    +

    error_code

    +

    String

    +

    Error code

    +

    error_msg

    +

    String

    +

    Error message

    +
    +

    Example Requests

    PATCH https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}?
 
diff --git a/docs/wafd/api-ref/UpdatePolicyRuleStatus.html b/docs/wafd/api-ref/UpdatePolicyRuleStatus.html
index 32e4becd..23b400df 100644
--- a/docs/wafd/api-ref/UpdatePolicyRuleStatus.html
+++ b/docs/wafd/api-ref/UpdatePolicyRuleStatus.html
@@ -3,7 +3,7 @@
 
    Changing the Status of a Policy Rule
    
 
    Function
    This API is used to change the status of a policy rule.
    
 
    
-
    URI
    PUT /v1/{project_id}/waf/policy/{policy_id}/{ruletype}/{rule_id}/status
    
+
    URI
    PUT /v1/{project_id}/waf/policy/{policy_id}/{ruletype}/{rule_id}/status
    
 
 
    
@@ -30,7 +30,7 @@
 
-
@@ -108,7 +110,7 @@
 
-
@@ -126,9 +128,9 @@
 
    Table 1 Path Parameters
    Parameter
    
     		
 
    String
    
 
    Policy ID
    
+
    Policy ID. It can be obtained by calling the ListPolicy API.
    
     		
 
    
 
    ruletype
    
@@ -40,12 +40,14 @@
 
    String
    
     		
 
    Rule type
    
-
    • cc -custom
      
+
      • cc
        
+
      • custom
        
 
      • whiteblackip
        
 
      • privacy
        
 
      • ignore
        
 
      • geoip
        
 
      • antitamper
        
+
      • antileakage
        
 
      
 
    		
 
    
 
    status
    
 
    No
    
+
    Yes
    
     		
 
    Integer
    
 
    
 
    
 
    
-
    Response Parameters
    Status code: 400
    
+
    Response Parameters
    Status code: 200
    
 
-
    Table 4 Response body parameters
    Parameter
    
+
    
@@ -136,26 +138,47 @@
 
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
    Table 4 Response body parameters
    Parameter
    
     		
 
    Type
    
     		
 
    
 
    error_code
    
+
    id
    
     		
 
    String
    
 
    Error code
    
+
    Rule ID
    
     		
 
    error_msg
    
+
    policyid
    
     		
 
    String
    
 
    Error message
    
+
    Policy ID
    
+
    timestamp
    
+
    Long
    
+
    Time when the rule was created.
    
+
    description
    
+
    String
    
+
    Rule Description
    
+
    status
    
+
    Integer
    
+
    Status. The options are 0 and 1. 0: Disabled. 1: Enabled.
    
     		
 
    
     
 
    
 
    
-
    Status code: 401
    
+
    Status code: 400
    
 
-
    Table 5 Response body parameters
    Parameter
    
+
    
@@ -180,9 +203,9 @@
 
    Table 5 Response body parameters
    Parameter
    
     		
 
    Type
    
     		
 
    
 
    
-
    Status code: 500
    
+
    Status code: 401
    
 
-
    
-
    Table 6 Response body parameters
    Parameter
    
+
    
@@ -207,6 +230,33 @@
 
    Table 6 Response body parameters
    Parameter
    
     		
 
    Type
    
     		
 
    
 
    
+
    Status code: 500
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 7 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    error_code
    
+
    String
    
+
    Error code
    
+
    error_msg
    
+
    String
    
+
    Error message
    
+
    
+
    
 
 
    Example Requests
    PUT https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/{ruletype}/{rule_id}/status?
 
diff --git a/docs/wafd/api-ref/UpdatePremiumHost.html b/docs/wafd/api-ref/UpdatePremiumHost.html
index 98b74db4..feab7e20 100644
--- a/docs/wafd/api-ref/UpdatePremiumHost.html
+++ b/docs/wafd/api-ref/UpdatePremiumHost.html
@@ -3,7 +3,7 @@
 
    Modifying a Domain Name Protected by a Dedicated WAF Instance
    
 
    Function
    This API is used to modify a domain name protected by a dedicated WAF instance.
    
 
    
-
    URI
    PUT /v1/{project_id}/premium-waf/host/{host_id}
    
+
    URI
    PUT /v1/{project_id}/premium-waf/host/{host_id}
    
 
 
    
@@ -130,7 +130,8 @@
 
    • cipher_1: ECDHE-ECDSA-AES256-GCM-SHA384:HIGH:!MEDIUM:!LOW:!aNULL:!eNULL:!DES:!MD5:!PSK:!RC4:!kRSA:!SRP:!3DES:!DSS:!EXP:!CAMELLIA:@STRENGTH
      
 
    • cipher_2: EECDH+AESGCM:EDH+AESGCM
      
 
    • cipher_3: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH
      
-
    • cipher_4. ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!EDH  n - cipher_default: ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM
      
+
    • cipher_4. ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!EDH
      
+
    • cipher_default: ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM
      
 
    
@@ -155,6 +156,60 @@
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 1 Path Parameters
    Parameter
    
     		
 
 
    Alarm configuration page
    
     		
 
    flag
    
+
    No
    
+
    Flag object
    
+
    Feature switch for configuring compliance certification checks for domain names protected with the dedicated WAF instance.
    
+
    traffic_mark
    
+
    No
    
+
    TrafficMark object
    
+
    Traffic identifier
    
+
    circuit_breaker
    
+
    No
    
+
    CircuitBreaker object
    
+
    Circuit breaker configuration
    
+
    timeout_config
    
+
    No
    
+
    TimeoutConfig object
    
+
    Timeout settings
    
+
    web_tag
    
+
    No
    
+
    String
    
+
    website name
    
+
    description
    
+
    No
    
+
    String
    
+
    website remarks
    
+
    
 
 
    
 
    
@@ -175,7 +230,11 @@
 
 
    String
    
 
    Template name
    
+
    Template type. The value can be:
    
+
    • default: The default block page is returned when a request is blocked.
      
+
    • custom: Your custom block page is returned when a request is blocked.
      
+
    • redirect: The request is redirected to the URL you specify.
      
+
    
     		
 
    
 
    custom_page
    
@@ -240,10 +299,218 @@
 
 
    
 
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 6 Flag
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    pci_3ds
    
+
    No
    
+
    String
    
+
    Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.
    
+
    • true: Enable this check.
      
+
    • false: Disable this check.
      
+
    
+
    Enumeration values:
    
+
    • true
      
+
    • false
      
+
    
+
    pci_dss
    
+
    No
    
+
    String
    
+
    Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.
    
+
    • true: Enable this check.
      
+
    • false: Disable this check.
      
+
    
+
    Enumeration values:
    
+
    • true
      
+
    • false
      
+
    
+
    
+
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 7 TrafficMark
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    sip
    
+
    No
    
+
    Array of strings
    
+
    IP tag. HTTP request header field of the original client IP address.
    
+
    cookie
    
+
    No
    
+
    String
    
+
    Session tag. This tag is used by known attack source rules to block malicious attacks based on cookie attributes. This parameter must be configured in known attack source rules to block requests based on cookie attributes.
    
+
    params
    
+
    No
    
+
    String
    
+
    User tag. This tag is used by known attack source rules to block malicious attacks based on params attributes. This parameter must be configured to block requests based on the params attributes.
    
+
    
+
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 8 CircuitBreaker
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    switch
    
+
    No
    
+
    Boolean
    
+
    Whether to enable connection protection.
    
+
    • true: Enable connection protection.
      
+
    • false: Disable the connection protection.
      
+
    
+
    dead_num
    
+
    No
    
+
    Integer
    
+
    502/504 error threshold. 502/504 errors allowed for every 30 seconds.
    
+
    dead_ratio
    
+
    No
    
+
    Number
    
+
    A breakdown protection is triggered when the 502/504 error threshold and percentage threshold have been reached.
    
+
    block_time
    
+
    No
    
+
    Integer
    
+
    Protection period upon the first breakdown. During this period, WAF stops forwarding client requests.
    
+
    superposition_num
    
+
    No
    
+
    Integer
    
+
    The maximum multiplier you can use for consecutive breakdowns. The number of breakdowns are counted from 0 every time the accumulated breakdown protection duration reaches 3,600s. For example, assume that Initial Downtime (s) is set to 180s and Multiplier for Consecutive Breakdowns is set to 3. If the breakdown is triggered for the second time, that is, less than 3, the protection duration is 360s (180s X 2). If the breakdown is triggered for the third or fourth time, that is, equal to or greater than 3, the protection duration is 540s (180s X 3). When the accumulated downtime duration exceeds 1 hour (3,600s), the number of breakdowns are counted from 0.
    
+
    suspend_num
    
+
    No
    
+
    Integer
    
+
    Threshold of the number of pending URL requests. Connection protection is triggered when the threshold has been reached.
    
+
    sus_block_time
    
+
    No
    
+
    Integer
    
+
    Downtime duration after the connection protection is triggered. During this period, WAF stops forwarding website requests.
    
+
    
+
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 9 TimeoutConfig
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    connect_timeout
    
+
    No
    
+
    Integer
    
+
    Timeout for WAF to connect to the origin server.
    
+
    send_timeout
    
+
    No
    
+
    Integer
    
+
    Timeout for WAF to send requests to the origin server.
    
+
    read_timeout
    
+
    No
    
+
    Integer
    
+
    Timeout for WAF to receive responses from the origin server.
    
+
    
+
    
 
 
    Response Parameters
    Status code: 200
    
 
-
    Table 6 Response body parameters
    Parameter
    
+
    
@@ -290,7 +557,11 @@
 
-
@@ -326,14 +598,20 @@
 
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 10 Response body parameters
    Parameter
    
     		
 
    Type
    
     		
 
    String
    
 
    HTTP protocol
    
+
    Client protocol, which is the protocol used by a client (for example, a browser) to access your website.
    
+
    Enumeration values:
    
+
    • HTTPS
      
+
    • HTTP
      
+
    
     		
 
    
 
    tls
    
@@ -311,7 +582,8 @@
 
    • cipher_1: ECDHE-ECDSA-AES256-GCM-SHA384:HIGH:!MEDIUM:!LOW:!aNULL:!eNULL:!DES:!MD5:!PSK:!RC4:!kRSA:!SRP:!3DES:!DSS:!EXP:!CAMELLIA:@STRENGTH
      
 
    • cipher_2: EECDH+AESGCM:EDH+AESGCM
      
 
    • cipher_3: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH
      
-
    • cipher_4. ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!EDH  n - cipher_default: ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM
      
+
    • cipher_4. ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!EDH
      
+
    • cipher_default: ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM
      
 
    
     		
 
    
 
    String
    
 
    HTTPS certificate ID. It can be obtained by calling the ListCertificates API.  n - This parameter is not required when the client protocol is HTTP.  n - This parameter is mandatory when the client protocol is HTTPS.
    
+
    HTTPS certificate ID. It can be obtained by calling the ListCertificates API.
    
+
    • This parameter is not required when the client protocol is HTTP.
      
+
    • This parameter is mandatory when the client protocol is HTTPS.
      
+
    
     		
 
    
 
    certificatename
    
     		
 
    String
    
 
    Certificate name.  n - This parameter is not required when the client protocol is HTTP.  n - This parameter is mandatory when the client protocol is HTTPS.
    
+
    Certificate name.
    
+
    • This parameter is not required when the client protocol is HTTP.
      
+
    • This parameter is mandatory when the client protocol is HTTPS.
      
+
    
     		
 
    
 
    proxy
    
@@ -372,18 +650,18 @@
 
     		
 
    timestamp
    
+
    access_progress
    
 
    Long
    
+
    Array of Access_progress objects
    
 
    Time a domain name is added to WAF
    
+
    Access progress, which is used only for the new console (frontend).
    
     		
 
    
 
    flag
    
     		
 
    Flag object
    
 
    Special domain name identifier, which is used to store additional domain name configurations
    
+
    Feature switch for configuring compliance certification checks for domain names protected with the dedicated WAF instance.
    
     		
 
    
 
    block_page
    
@@ -395,16 +673,58 @@
 
    
 
    extend
    
 
    Map<String,String>
    
+
    Extend object
    
 
    Extended attribute
    
+
    This parameter includes some extended information about the protected domain name.
    
+
    traffic_mark
    
+
    TrafficMark object
    
+
    Traffic identifier
    
+
    circuit_breaker
    
+
    CircuitBreaker object
    
+
    Circuit breaker configuration
    
+
    timeout_config
    
+
    TimeoutConfig object
    
+
    Timeout settings
    
+
    web_tag
    
+
    String
    
+
    website name
    
+
    description
    
+
    String
    
+
    website remarks
    
+
    timestamp
    
+
    Long
    
+
    Time a domain name is added to WAF
    
     		
 
    
 
 
    
 
    
 
-
    Table 7 PremiumWafServer
    Parameter
    
+
    
@@ -469,11 +789,18 @@
 
+
+
+
+
    Table 11 PremiumWafServer
    Parameter
    
     		
 
    Type
    
     		
 
 
    weight
    
+
    Integer
    
+
    This parameter is reserved and can be ignored currently.
    
+
    
 
 
    
 
    
 
-
    Table 8 Flag
    Parameter
    
+
    
@@ -481,23 +808,24 @@
 
-
-
-
-
-
-
@@ -505,7 +833,7 @@
 
    Table 12 Access_progress
    Parameter
    
     		
 
    Type
    
     		
 
    
 
    pci_3ds
    
+
    step
    
 
    String
    
+
    Integer
    
 
    Whether PCI 3DS certification check is enabled for the domain name. Currently, this function is not supported. The default value is false. You can ignore this parameter.
    
-
    • true: PCI 3DS check is enabled.
      
-
    • false: PCI 3DS check is disenabled.
      
+
    Step
    
+
    • 1: whitelisting WAF IP addresses.
      
+
    • 2: testing WAF.
      
+
    • 3:modifying DNS record.
      
 
    
     		
 
    pci_dss
    
+
    status
    
 
    String
    
+
    Integer
    
 
    Whether PCI DDS certification check is enabled for the domain name.
    
-
    • true: PCI DDS check is enabled.
      
-
    • false: PCI DDS check is disenabled.
      
+
    Status. The value can be 0 or 1.
    
+
    • 0: The step has not been finished.
      
+
    • 1: The step has finished.
      
 
    
     		
 
    
 
    
 
-
    Table 9 BlockPage
    Parameter
    
+
    
@@ -513,32 +841,39 @@
 
-
-
-
-
-
-
-
-
    Table 13 Flag
    Parameter
    
     		
 
    Type
    
     		
 
    
 
    template
    
+
    pci_3ds
    
     		
 
    String
    
 
    Template name
    
+
    Whether to enable PCI 3DS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI 3DS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Once PCI 3DS is enabled, it cannot be disabled. Before you enable it, ensure that your website services will not be affected.
    
+
    • true: Enable this check.
      
+
    • false: Disable this check.
      
+
    
+
    Enumeration values:
    
+
    • true
      
+
    • false
      
+
    
     		
 
    custom_page
    
-
    CustomPage object
    
-
    Custom alarm page
    
-
    redirect_url
    
+
    pci_dss
    
     		
 
    String
    
 
    Redirection URL
    
+
    Whether to enable PCI DSS compliance check. This parameter must be used together with tls and cipher. tls must be set to TLS v1.2, and cipher must be set to cipher_2. Note: If PCI DSS compliance check is enabled and the minimum TLS is set to TLS v1.2, the website can be accessed using TLS v1.2, but cannot be accessed using TLS v1.1 or earlier. Before you enable it, ensure that your website services will not be affected.
    
+
    • true: Enable this check.
      
+
    • false: Disable this check.
      
+
    
+
    Enumeration values:
    
+
    • true
      
+
    • false
      
+
    
     		
 
    
     
 
    
 
    
 
-
    Table 10 CustomPage
    Parameter
    
+
    
@@ -546,33 +881,69 @@
 
-
-
-
-
-
-
-
    Table 14 BlockPage
    Parameter
    
     		
 
    Type
    
     		
 
    
 
    status_code
    
+
    template
    
     		
 
    String
    
 
    Status Codes
    
+
    Template type. The value can be:
    
+
    • default: The default block page is returned when a request is blocked.
      
+
    • custom: Your custom block page is returned when a request is blocked.
      
+
    • redirect: The request is redirected to the URL you specify.
      
+
    
     		
 
    content_type
    
+
    custom_page
    
 
    String
    
+
    CustomPage object
    
 
    Content type of alarm page
    
+
    Custom alarm page
    
     		
 
    content
    
+
    redirect_url
    
     		
 
    String
    
 
    Page content
    
+
    Redirection URL
    
     		
 
    
     
 
    
 
    
-
    Status code: 400
    
 
-
    
+
+
+
+
-
+
+
+
+
    Table 11 Response body parameters
    Parameter
    
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 15 CustomPage
    Parameter
    
+
    Type
    
+
    Description
    
+
    status_code
    
+
    String
    
+
    Status Codes
    
+
    content_type
    
+
    String
    
+
    Content type of alarm page
    
+
    content
    
+
    String
    
+
    Page content
    
+
    
+
    
+
+
    
@@ -580,26 +951,58 @@
 
-
-
-
-
    Table 16 Extend
    Parameter
    
     		
 
    Type
    
     		
 
    
 
    error_code
    
+
    ltsInfo
    
     		
 
    String
    
 
    Error code
    
+
    Details about LTS configuration
    
     		
 
    error_msg
    
+
    extend
    
     		
 
    String
    
 
    Error message
    
+
    Timeout configuration details.
    
     		
 
    
     
 
    
 
    
-
    Status code: 401
    
 
-
    Table 12 Response body parameters
    Parameter
    
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 17 TrafficMark
    Parameter
    
+
    Type
    
+
    Description
    
+
    sip
    
+
    Array of strings
    
+
    IP tag. HTTP request header field of the original client IP address.
    
+
    cookie
    
+
    String
    
+
    Session tag. This tag is used by known attack source rules to block malicious attacks based on cookie attributes. This parameter must be configured in known attack source rules to block requests based on cookie attributes.
    
+
    params
    
+
    String
    
+
    User tag. This tag is used by known attack source rules to block malicious attacks based on params attributes. This parameter must be configured to block requests based on the params attributes.
    
+
    
+
    
+
+
    
@@ -607,18 +1010,143 @@
 
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 18 CircuitBreaker
    Parameter
    
     		
 
    Type
    
     		
 
    
 
    error_code
    
+
    switch
    
 
    String
    
+
    Boolean
    
 
    Error code
    
+
    Whether to enable connection protection.
    
+
    • true: Enable connection protection.
      
+
    • false: Disable the connection protection.
      
+
    
     		
 
    error_msg
    
+
    dead_num
    
 
    String
    
+
    Integer
    
 
    Error message
    
+
    502/504 error threshold. 502/504 errors allowed for every 30 seconds.
    
+
    dead_ratio
    
+
    Number
    
+
    A breakdown protection is triggered when the 502/504 error threshold and percentage threshold have been reached.
    
+
    block_time
    
+
    Integer
    
+
    Protection period upon the first breakdown. During this period, WAF stops forwarding client requests.
    
+
    superposition_num
    
+
    Integer
    
+
    The maximum multiplier you can use for consecutive breakdowns. The number of breakdowns are counted from 0 every time the accumulated breakdown protection duration reaches 3,600s. For example, assume that Initial Downtime (s) is set to 180s and Multiplier for Consecutive Breakdowns is set to 3. If the breakdown is triggered for the second time, that is, less than 3, the protection duration is 360s (180s X 2). If the breakdown is triggered for the third or fourth time, that is, equal to or greater than 3, the protection duration is 540s (180s X 3). When the accumulated downtime duration exceeds 1 hour (3,600s), the number of breakdowns are counted from 0.
    
+
    suspend_num
    
+
    Integer
    
+
    Threshold of the number of pending URL requests. Connection protection is triggered when the threshold has been reached.
    
+
    sus_block_time
    
+
    Integer
    
+
    Downtime duration after the connection protection is triggered. During this period, WAF stops forwarding website requests.
    
+
    
+
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 19 TimeoutConfig
    Parameter
    
+
    Type
    
+
    Description
    
+
    connect_timeout
    
+
    Integer
    
+
    Timeout for WAF to connect to the origin server.
    
+
    send_timeout
    
+
    Integer
    
+
    Timeout for WAF to send requests to the origin server.
    
+
    read_timeout
    
+
    Integer
    
+
    Timeout for WAF to receive responses from the origin server.
    
+
    
+
    
+
    Status code: 400
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 20 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    error_code
    
+
    String
    
+
    Error code
    
+
    error_msg
    
+
    String
    
+
    Error message
    
+
    
+
    
+
    Status code: 401
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
@@ -626,26 +1154,26 @@
 
    Status code: 500
    
 
-
    Table 21 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    error_code
    
+
    String
    
+
    Error code
    
+
    error_msg
    
+
    String
    
+
    Error message
    
     		
 
    
     
 
    
+
+
+
+
+
+
+
+
    Table 13 Response body parameters
    Parameter
    
+
    
-
-
-
-
-
-
-
-
diff --git a/docs/wafd/api-ref/UpdatePremiumHostProtectStatus.html b/docs/wafd/api-ref/UpdatePremiumHostProtectStatus.html
new file mode 100644
index 00000000..83e40507
--- /dev/null
+++ b/docs/wafd/api-ref/UpdatePremiumHostProtectStatus.html
@@ -0,0 +1,279 @@
+
+
+
    Modifying the Protection Status of a Domain Name in Dedicated Mode
    
+
    Function
    This API is used to modify the protection status of a domain name connected to a dedicated WAF instance.
    
+
    
+
    URI
    PUT /v1/{project_id}/premium-waf/host/{host_id}/protect_status
    
+
+
    Table 22 Response body parameters
    Parameter
    
 
    Type
    
+
    Type
    
 
    Description
    
+
    Description
    
     		
 
    
 
    error_code
    
+
    error_code
    
 
    String
    
+
    String
    
 
    Error code
    
+
    Error code
    
     		
 
    error_msg
    
+
    error_msg
    
 
    String
    
+
    String
    
 
    Error message
    
+
    Error message
    
     		
 
    
 
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 1 Path Parameters
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    project_id
    
+
    Yes
    
+
    String
    
+
    Project ID. To obtain it, go to Cloud management console and hover the cursor over your username. On the displayed window, choose My Credentials.Then, in the Projects area, view Project ID of the corresponding project.
    
+
    host_id
    
+
    Yes
    
+
    String
    
+
    ID of the domain name protected by the dedicated WAF engine
    
+
    
+
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    Table 2 Query Parameters
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    enterprise_project_id
    
+
    No
    
+
    String
    
+
    You can obtain the ID by calling the ListEnterpriseProject API of EPS.
    
+
    
+
    
+
+
    Request Parameters
    
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 3 Request header parameters
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    Content-Type
    
+
    Yes
    
+
    String
    
+
    Content type.
    
+
    Default: application/json;charset=utf8
    
+
    X-Auth-Token
    
+
    Yes
    
+
    String
    
+
    User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).
    
+
    
+
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    Table 4 Request body parameters
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    protect_status
    
+
    Yes
    
+
    Integer
    
+
    WAF status of the protected domain name.
    
+
    • 0: The WAF protection is suspended. WAF only forwards requests destined for the domain name and does not detect attacks.
      
+
    • 1: The WAF protection is enabled. WAF detects attacks based on the policy you configure.
      
+
    
+
    
+
    
+
    
+
    Response Parameters
    Status code: 200
    
+
+
    
+
+
+
+
+
+
+
+
+
+
    Table 5 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    protect_status
    
+
    Integer
    
+
    WAF status of the protected domain name.
    
+
    • 0: The WAF protection is suspended. WAF only forwards requests destined for the domain name and does not detect attacks.
      
+
    • 1: The WAF protection is enabled. WAF detects attacks based on the policy you configure.
      
+
    
+
    
+
    
+
    Status code: 400
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 6 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    error_code
    
+
    String
    
+
    Error code
    
+
    error_msg
    
+
    String
    
+
    Error message
    
+
    
+
    
+
    Status code: 401
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 7 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    error_code
    
+
    String
    
+
    Error code
    
+
    error_msg
    
+
    String
    
+
    Error message
    
+
    
+
    
+
    Status code: 500
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 8 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    error_code
    
+
    String
    
+
    Error code
    
+
    error_msg
    
+
    String
    
+
    Error message
    
+
    
+
    
+
    
+
    Example Requests
    PUT https://{Endpoint}/v1/{project_id}/premium-waf/host/{host_id}/protect_status?enterprise_project_id=0
+
+{
+  "protect_status" : 1
+}
    
+
    
+
    Example Responses
    Status code: 200
    
+
    OK
    
+
    {
+  "protect_status" : 1
+}
    
+
    
+
    Status Codes
    
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Status Code
    
+
    Description
    
+
    200
    
+
    OK
    
+
    400
    
+
    Invalid request
    
+
    401
    
+
    The token does not have the required permission.
    
+
    500
    
+
    Internal server error.
    
+
    
+
    
+
    
+
    Error Codes
    See Error Codes.
    
+
    
+
+
+
diff --git a/docs/wafd/api-ref/UpdatePrivacyRule.html b/docs/wafd/api-ref/UpdatePrivacyRule.html
index 4fe7f6f7..d98ddd3e 100644
--- a/docs/wafd/api-ref/UpdatePrivacyRule.html
+++ b/docs/wafd/api-ref/UpdatePrivacyRule.html
@@ -3,7 +3,7 @@
 
    Updating the Data Masking Rule List
    
 
    Function
    This API is used to update the data masking rule list.
    
 
    
-
    URI
    PUT /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}
    
+
    URI
    PUT /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}
    
 
 
    
@@ -30,7 +30,7 @@
 
-
-
diff --git a/docs/wafd/api-ref/UpdatePunishmentRule.html b/docs/wafd/api-ref/UpdatePunishmentRule.html
new file mode 100644
index 00000000..8ec7be68
--- /dev/null
+++ b/docs/wafd/api-ref/UpdatePunishmentRule.html
@@ -0,0 +1,311 @@
+
+
+
    Updating a Known Attack Source Rule
    
+
    Function
    This API is used update a known attack source rule.
    
+
    
+
    URI
    PUT /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}
    
+
+
    Table 1 Path Parameters
    Parameter
    
     		
 
    String
    
 
    Policy ID
    
+
    Policy ID. It can be obtained by calling the ListPolicy API.
    
     		
 
    
 
    rule_id
    
@@ -39,7 +39,7 @@
     		
 
    String
    
 
    Rule ID
    
+
    ID of the data masking rule. It can be obtained by calling the ListPrivacyRules API.
    
     		
 
    
 
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 1 Path Parameters
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    project_id
    
+
    Yes
    
+
    String
    
+
    project_id
    
+
    policy_id
    
+
    Yes
    
+
    String
    
+
    Policy ID. It can be obtained by calling the ListPolicy API.
    
+
    rule_id
    
+
    Yes
    
+
    String
    
+
    ID of the known attack source rule. It can be obtained by calling the ListPunishmentRules API.
    
+
    
+
    
+
    
+
    Request Parameters
    
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 2 Request header parameters
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    X-Auth-Token
    
+
    Yes
    
+
    String
    
+
    auth token
    
+
    Content-Type
    
+
    Yes
    
+
    String
    
+
    Content type.
    
+
    Default: application/json;charset=utf8
    
+
    
+
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 3 Request body parameters
    Parameter
    
+
    Mandatory
    
+
    Type
    
+
    Description
    
+
    block_time
    
+
    Yes
    
+
    Integer
    
+
    Block duration, in seconds. If prefix long is selected for the rule type, the value for block_time ranges from 301 to 1800. If prefix short is selected for the rule type, the value for block_time ranges from 0 to 300.
    
+
    description
    
+
    No
    
+
    String
    
+
    Description
    
+
    
+
    
+
    
+
    Response Parameters
    Status code: 200
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 4 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    id
    
+
    String
    
+
    Rule ID
    
+
    policyid
    
+
    String
    
+
    Policy ID
    
+
    block_time
    
+
    Integer
    
+
    Block duration, in seconds.
    
+
    category
    
+
    String
    
+
    Type of the know attack source rule.
    
+
    Enumeration values:
    
+
    • long_ip_block
      
+
    • long_cookie_block
      
+
    • long_params_block
      
+
    • short_ip_block
      
+
    • short_cookie_block
      
+
    • short_params_block
      
+
    
+
    description
    
+
    String
    
+
    Description
    
+
    
+
    
+
    Status code: 400
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 5 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    error_code
    
+
    String
    
+
    Error code
    
+
    error_msg
    
+
    String
    
+
    Error message
    
+
    
+
    
+
    Status code: 401
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 6 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    error_code
    
+
    String
    
+
    Error code
    
+
    error_msg
    
+
    String
    
+
    Error message
    
+
    
+
    
+
    Status code: 500
    
+
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Table 7 Response body parameters
    Parameter
    
+
    Type
    
+
    Description
    
+
    error_code
    
+
    String
    
+
    Error code
    
+
    error_msg
    
+
    String
    
+
    Error message
    
+
    
+
    
+
    
+
    Example Requests
    PUT https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}?
+
+{
+  "category" : "long_ip_block",
+  "block_time" : "1233",
+  "description" : "update"
+}
    
+
    
+
    Example Responses
    Status code: 200
    
+
    Request succeeded.
    
+
    {
+  "block_time" : 1233,
+  "category" : "long_ip_block",
+  "description" : "update",
+  "id" : "2c3afdcc982b429da4f72ee483aece3e",
+  "policyid" : "2fcbcb23ef0d48d99d24d7dcff00307d",
+  "timestamp" : 1668148186106
+}
    
+
    
+
    Status Codes
    
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Status Code
    
+
    Description
    
+
    200
    
+
    Request succeeded.
    
+
    400
    
+
    Request failed.
    
+
    401
    
+
    The token does not have required permissions.
    
+
    500
    
+
    Internal server error.
    
+
    
+
    
+
    
+
    Error Codes
    See Error Codes.
    
+
    
+
    
+
    
+
    
+
    Parent topic: Rule Management
    
+
    
+
    
+
diff --git a/docs/wafd/api-ref/UpdateValueList.html b/docs/wafd/api-ref/UpdateValueList.html
index 4c40eee1..bb178e4d 100644
--- a/docs/wafd/api-ref/UpdateValueList.html
+++ b/docs/wafd/api-ref/UpdateValueList.html
@@ -3,7 +3,7 @@
 
    Modifying a Reference Table
    
 
    Function
    This API is used to modify a reference table.
    
 
    
-
    URI
    PUT /v1/{project_id}/waf/valuelist/{valuelistid}
    
+
    URI
    PUT /v1/{project_id}/waf/valuelist/{table_id}
    
 
 
    
@@ -24,7 +24,7 @@
 
-
@@ -96,7 +96,7 @@
 
-
@@ -120,6 +120,15 @@
 
+
+
+
+
+
    Table 1 Path Parameters
    Parameter
    
 
    Project ID
    
     		
 
    valuelistid
    
+
    table_id
    
     		
 
    Yes
    
     		
 
    String
    
 
    Reference table type. For details, see the enumeration list
    
+
    Reference table type. For details, see the enumeration values as followed.
    
 
    Enumeration values:
    
 
    • url
      
 
    • params
      
@@ -107,7 +107,7 @@
 
    • header
      
 
    • response_code
      
 
    • response_header
      
-
    • resopnse_body
      
+
    • response_body
      
 
    
     		
 
    Value of the reference table
    
     		
 
    description
    
+
    No
    
+
    String
    
+
    Reference table description
    
+
    
 
 
    
 
    
@@ -180,6 +189,23 @@
 
    Value of the reference table
    
     		
 
    description
    
+
    String
    
+
    Reference table description
    
+
    producer
    
+
    Integer
    
+
    This parameter is reserved and can be ignored currently.
    
+
    Enumeration values:
    
+
    • 1
      
+
    
+
    
 
 
    
 
    
@@ -265,7 +291,7 @@
 
    
 
    
 
-
    Example Requests
    PUT https://{Endpoint}/v1/{project_id}/waf/valuelist/{valuelistid}?
+
    Example Requests
    PUT https://{Endpoint}/v1/{project_id}/waf/valuelist/{table_id}?
 
 {
   "name" : "demo2",
@@ -280,6 +306,8 @@
   "name" : "demo2",
   "type" : "url",
   "values" : [ "/demo" ],
+  "description" : "",
+  "producer" : 1,
   "timestamp" : 1656495488880
 }
    
 
    
diff --git a/docs/wafd/api-ref/UpdateWhiteblackipRule.html b/docs/wafd/api-ref/UpdateWhiteblackipRule.html
index 29e41fdf..54ef99a7 100644
--- a/docs/wafd/api-ref/UpdateWhiteblackipRule.html
+++ b/docs/wafd/api-ref/UpdateWhiteblackipRule.html
@@ -3,7 +3,7 @@
 
    Updating a Blacklist or Whitelist Rule
    
 
    Function
    This API is used to update an IP address blacklist or whitelist rule.
    
 
    
-
    URI
    PUT /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}
    
+
    URI
    PUT /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}
    
 
 
    
@@ -30,7 +30,7 @@
 
-
-
@@ -99,20 +99,29 @@
 
+
+
+
+
+
-
-
+
+
+
+
+
    Table 1 Path Parameters
    Parameter
    
     		
 
    String
    
 
    Policy ID
    
+
    Policy ID. It can be obtained by calling the ListPolicy API.
    
     		
 
    
 
    rule_id
    
@@ -39,7 +39,7 @@
     		
 
    String
    
 
    Rule ID
    
+
    ID of the blacklist or whitelist rule. It can be obtained by calling the ListWhiteblackipRules API.
    
     		
 
    
 
    Rule description.
    
     		
 
    name
    
+
    No
    
+
    String
    
+
    Rule name.
    
+
    
 
    addr
    
     		
 
    Yes
    
     		
 
    String
    
 
    lacklisted or whitelisted IP addresses
    
+
    IP addresses or an IP address range. -IP addresses: IP addresses to be added to the blacklist or whitelist, for example, 192.x.x.3 -IP address range: IP address and subnet mask, for example, 10.x.x.0/24
    
     		
 
    
 
    white
    
     		
 
    Yes
    
 
    Object
    
+
    String
    
     		
 
    Protective action. The value can be:
    
 
    • 0: WAF blocks the requests that hit the rule.
      
@@ -121,6 +130,15 @@
 
    
     		
 
    followed_action_id
    
+
    No
    
+
    String
    
+
    ID of a known attack source rule. This parameter can be configured only when white is set to 0.
    
+
    
 
 
    
 
    
@@ -142,6 +160,13 @@
 
    Rule ID
    
     		
 
    name
    
+
    String
    
+
    Rule name.
    
+
    
 
    policyid
    
     		
 
    String
    
@@ -177,7 +202,7 @@
     		
 
    String
    
 
    lacklisted or whitelisted IP addresses
    
+
    Blacklisted or whitelisted IP addresses
    
     		
 
    
 
    white
    
@@ -191,6 +216,13 @@
 
     		
 
    followed_action_id
    
+
    String
    
+
    ID of the known attack source rule.
    
+
    
 
 
    
 
    
@@ -281,7 +313,7 @@
 {
   "white" : 0,
   "description" : "demo",
-  "addr" : "10.1.1.2"
+  "addr" : "10.1.1.0/24"
 }
 
 
    Example Responses
    Status code: 200
    
@@ -292,7 +324,7 @@
   "timestamp" : 1650531872900,
   "description" : "demo",
   "status" : 1,
-  "addr" : "10.1.1.2",
+  "addr" : "10.1.1.0/24",
   "white" : 0
 }
 
    
diff --git a/docs/wafd/api-ref/UpgradeInstance.html b/docs/wafd/api-ref/UpgradeInstance.html
index b3adacf5..c61ca17c 100644
--- a/docs/wafd/api-ref/UpgradeInstance.html
+++ b/docs/wafd/api-ref/UpgradeInstance.html
@@ -3,7 +3,7 @@
 
    Operations on a Dedicated WAF Instance
    
 
    Function
    This API is used to operate a dedicated WAF instance.
    
 
    
-
    URI
    POST /v1/{project_id}/premium-waf/instance/{instance_id}/action
    
+
    URI
    POST /v1/{project_id}/premium-waf/instance/{instance_id}/action
    
 
 
    
@@ -60,7 +60,7 @@
 
-
@@ -205,7 +205,7 @@
 
-
-
-
-
-
-
-
-
-
    Table 1 Path Parameters
    Parameter
    
 
    
 
    X-Auth-Token
    
 
    No
    
+
    Yes
    
     		
 
    String
    
     		
 
    Integer
    
 
    unning status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).
    
+
    Running status of the dedicated engine. The value can be 0 (creating), 1 (running), 2 (deleting), 3 (deleted), 4 (creation failed), 5 (frozen), 6 (abnormal), 7 (updating), or 8 (update failed).
    
     		
 
    
 
    access_status
    
@@ -222,7 +222,10 @@
     		
 
    Integer
    
 
    Whether the dedicated engine can be upgraded. The value can be 0 for no or 1 for yes.
    
+
    Whether the dedicated engine can be upgraded.
    
+
    • 0: the dedicated engine is non-upgradable
      
+
    • 1: the dedicated engine is upgradable
      
+
    
     		
 
    
 
    cloudServiceType
    
@@ -250,14 +253,7 @@
     		
 
    String
    
 
    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB.
    
-
    hosts
    
-
    Array of IdHostnameEntry objects
    
-
    Domain name protected by the dedicated engine.
    
+
    Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB. 8vCPUs | 16GB maps to waf.instance.enterprise, and 2vCPUs | 4GB to waf.instance. professional.
    
     		
 
    
 
    server_id
    
@@ -274,30 +270,25 @@
 
    ID of the ECS hosting the dedicated engine. This parameter is the same as server_id, and will be deleted.
    
     		
 
    
-
    
-
-
    
-
-
-
-
-
-
-
-
-
-
+
+
+
+
@@ -305,26 +296,26 @@
 
    Status code: 400
    
 
-
    Table 5 IdHostnameEntry
    Parameter
    
-
    Type
    
-
    Description
    
-
    id
    
+
    create_time
    
 
    String
    
+
    Long
    
 
    ID of the protected domain name. This is a unique ID automatically generated by the system.
    
+
    Timestamp when the dedicated WAF engine was created.
    
     		
 
    hostname
    
+
    data_volume_size
    
 
    String
    
+
    Integer
    
 
    Protected domain name
    
+
    Size of the data disk, in GB.
    
+
    res_tenant_type
    
+
    Integer
    
+
    Type of the dedicated WAF instance. If the type is Network Interface, this field is returned and its value is 1.
    
     		
 
    
     
 
    Table 6 Response body parameters
    Parameter
    
+
    
-
-
-
-
-
-
-
-
@@ -332,26 +323,26 @@
 
    Status code: 401
    
 
-
    Table 5 Response body parameters
    Parameter
    
 
    Type
    
+
    Type
    
 
    Description
    
+
    Description
    
     		
 
    
 
    error_code
    
+
    error_code
    
 
    String
    
+
    String
    
 
    Error code
    
+
    Error code
    
     		
 
    error_msg
    
+
    error_msg
    
 
    String
    
+
    String
    
 
    Error message
    
+
    Error message
    
     		
 
    
     
 
    Table 7 Response body parameters
    Parameter
    
+
    
-
-
-
-
-
-
-
-
@@ -359,26 +350,26 @@
 
    Status code: 500
    
 
-
    Table 6 Response body parameters
    Parameter
    
 
    Type
    
+
    Type
    
 
    Description
    
+
    Description
    
     		
 
    
 
    error_code
    
+
    error_code
    
 
    String
    
+
    String
    
 
    Error code
    
+
    Error code
    
     		
 
    error_msg
    
+
    error_msg
    
 
    String
    
+
    String
    
 
    Error message
    
+
    Error message
    
     		
 
    
     
 
    Table 8 Response body parameters
    Parameter
    
+
    
-
-
-
-
-
-
-
-
@@ -413,10 +404,6 @@
   "cpu_flavor" : "Si2.2xlarge.2",
   "run_status" : 2,
   "access_status" : 1,
-  "hosts" : [ {
-    "id" : "c3be17bbe3a641c7a1ded6019c377402",
-    "hostname" : "demo.www.com"
-  } ],
   "instancename" : "0412elb",
   "instance_name" : "0412elb",
   "create_time" : 1649923548548
diff --git a/docs/wafd/api-ref/public_sys-resources/icon-arrowdn.gif b/docs/wafd/api-ref/public_sys-resources/icon-arrowdn.gif
index 84eec9be2f2ce458e888f8a9b803f9387247726a..379428032932289326e52c2772bd90ba3d88b906 100644
GIT binary patch
literal 1887
zcmZ?wbhEHbCgqow
z*eU^C3h_d20o>TUVm+{T^pf*)^(zt!^bPe4Kwg3=^!3HBG&dKny0|1L72#g21{a4^
z7NqJ2r55Lx7A2Jm>Ih`8X1|p
zSh~8p7&*iAy5uL9=BDPA!1Sgd^t#~G3rY&P1wfl!Qj0RnQd8WD@^clyUbf1_?G{Iz
z=0WwQ;C71>PQCg-$LND17Ac}(Lcr7mV#1RxkONQnsd>QEUIa|mjQ{`r{qy_R&mZ5v
zef{$J)5j0*-@SeF`qj%9&!0Vg^7zri2lwyYy>t84%^TORUA=Po(!~qs&z(JU`qar2
z$B!L7a`@1}1N-;w-Lrew&K=vgZQZhY)5ZeMTG_VdAT{+S(zE>
zX{jm6Nr?&Zaj`McQIQehVWA3>*p!%p5Wn0u7E$th{n6D>ft^YU5&dnB%c=(a~-RV>2EO25SIA
CZ-yWM

literal 68
zcmZ?wbhEHbzkByxQ$u
Mo$o?7J5~m305MV#!~g&Q

diff --git a/docs/wafd/api-ref/public_sys-resources/icon-arrowrt.gif b/docs/wafd/api-ref/public_sys-resources/icon-arrowrt.gif
index 39583d168d6db303b366b5b8c1780698a6bb6017..6aaaa11c23e919c4798d7dcd2b1ae98dd35dd316 100644
GIT binary patch
literal 1890
zcmZ?wbhEHb7yetOgf{
zR2HP_2c;J0mlh?b0+lO+tSYc_E=o--$uA1Y&(DE{Vn9ZINq%ugeu08>u$h8JcxGNo
zetEGbSiP^Wm1kaYNn&1ds;7&s63_&_%*+%k11Cod14Ab>6ALqQLqk^=3j-5FHzP|&
zBUd9gQwvj9m|mCsATTyHM;rzL?XHK6w
zdE)r7qel)OI(T6JzP)>P@7lRz`?jrHHgDRvVg0(bYgVsXxnlXUrArnsTDV~Tyt#8`
z&zd=7`n0K2CQq6;p}()Ur@O1OqrI)QrMaoGp}wxRrn;)KqP(oMq`0WCAU`iRCp#-M
zBRwrOB{?ZEAwDiPCORrIB0MZKBseHAz~9f;$J@)(!`;o*#o5Wx!QRf+#@fo#!raW%
z#MsEtKwnQ+M_Wr%LtRZ(MOjHvL0(Q)Mp{ZzLR?H#L|8~rfS-?-hntI&gPo0)g_((w
zfkE*n3y@@B&;b#k`jUY|nSq%>!ec`MLnAA%oR7zc2TpB#@>)|YCO&lN;uMU!b7Eqm
H1A{dHTIz>f

literal 70
zcmZ?wbhEHb
 
  • Deleting a Domain Name from a Dedicated WAF Instance
    
 
    • 
+
  • Modifying the Protection Status of a Domain Name in Dedicated Mode
    
+
    • 
 
 
 
    
diff --git a/docs/wafd/api-ref/topic_300000003.html b/docs/wafd/api-ref/topic_300000003.html
index afaf6936..5d7a7108 100644
--- a/docs/wafd/api-ref/topic_300000003.html
+++ b/docs/wafd/api-ref/topic_300000003.html
@@ -5,11 +5,13 @@
 
    
 
    
 
 
    
 
diff --git a/docs/wafd/api-ref/waf_02_0087.html b/docs/wafd/api-ref/waf_02_0087.html
index d83967c7..a7048f93 100644
--- a/docs/wafd/api-ref/waf_02_0087.html
+++ b/docs/wafd/api-ref/waf_02_0087.html
@@ -8,7 +8,24 @@
 
 
 
-    
+
+
+
+
+
+
+
+
+
diff --git a/docs/wafd/api-ref/waf_02_0119.html b/docs/wafd/api-ref/waf_02_0119.html
new file mode 100644
index 00000000..dd4141b6
--- /dev/null
+++ b/docs/wafd/api-ref/waf_02_0119.html
@@ -0,0 +1,13 @@
+
+
+
    Permissions and Supported Actions
    
+
    
+
+
diff --git a/docs/wafd/api-ref/waf_02_0129.html b/docs/wafd/api-ref/waf_02_0129.html
new file mode 100644
index 00000000..bbaeee1a
--- /dev/null
+++ b/docs/wafd/api-ref/waf_02_0129.html
@@ -0,0 +1,16 @@
+
+
+
    Introduction
    
+
    This chapter describes fine-grained permissions management for your WAF. If your account does not need individual IAM users, then you may skip over this chapter.
    
+
    By default, new IAM users do not have permissions assigned. You need to add a user to one or more groups, and assign permissions policies to these groups. Users inherit permissions from the groups to which they are added and can perform specified operations on cloud services based on the permissions.
    
+
    You can grant users permissions by using roles and policies. Roles: A type of coarse-grained authorization mechanism that defines permissions related to user responsibilities. Policies: A type of fine-grained authorization mechanism that defines permissions required to perform operations on specific cloud resources under certain conditions, meeting requirements for secure access control.
    
+
     
    Policy-based authorization is useful if you want to allow or deny the access to an API.
    
+
    
+
    An account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned. The permissions required for calling an API are determined by the actions supported by the API. Only users who have been granted permissions allowing the actions can call the API successfully.
    
+
    
+
    
+
    
+
    Parent topic: Permissions and Supported Actions
    
+
    
+
    
+
diff --git a/docs/wafd/api-ref/waf_02_0139.html b/docs/wafd/api-ref/waf_02_0139.html
new file mode 100644
index 00000000..52e2f9dc
--- /dev/null
+++ b/docs/wafd/api-ref/waf_02_0139.html
@@ -0,0 +1,910 @@
+
+
+
    Supported Actions
    
+
    WAF provides system-defined policies that can be directly used in IAM. You can also create custom policies and use them to supplement system-defined policies, implementing more refined access control. The following are related concepts:
    
+
    • Permission: A statement in a policy that allows or denies certain operations.
    • APIs: REST APIs that can be called in a custom policy
    • Actions: Added to a custom policy to control permissions for specific operations.
    • Dependent actions: actions on which a specific action depends to take effect. When assigning permissions for the action to a user, you also need to assign permissions for the dependent actions.
    • IAM projects or enterprise projects: Scope of users a permission is granted to. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management. Policies that only contain actions supporting IAM projects can be assigned to user groups and only take effect in IAM. Such policies will not take effect if they are assigned to user groups in Enterprise Project.
       
      The check mark (√) indicates that an action takes effect. The cross mark (x) indicates that an action does not take effect.
      
+
      
+
+
    Table 7 Response body parameters
    Parameter
    
 
    Type
    
+
    Type
    
 
    Description
    
+
    Description
    
     		
 
    
 
    error_code
    
+
    error_code
    
 
    String
    
+
    String
    
 
    Error code
    
+
    Error code
    
     		
 
    error_msg
    
+
    error_msg
    
 
    String
    
+
    String
    
 
    Error message
    
+
    Error message
    
     		
 
    
 
    2022-10-30
    
+
    2023-03-30
    
+
    • Added "Geographical Location Codes."
    • Revised the document based on review comments.
    
+
    2023-03-03
    
+
    Revised the document based on review comments.
    
+
    2022-11-30
    
+
    • Added section "Permissions and Supported Actions".
    • Add the following APIs:
      • Querying the List of Known Attack Source Rules
      • Creating a Known Attack Source Rule
      • Querying a Known Attack Source Rule by ID
      • Updating a Known Attack Source Rule
      • Deleting a Known Attack Source Rule
      • Updating the Cache for a Web Tamper Protection Rule
      • Querying the List of Information Leakage Prevention Rules
      • Creating an Information Leakage Protection Rule
      • Querying an Information Leakage Prevention Rule
      • Updating an Information Leakage Prevention Rule
      • Deleting an Information Leakage Prevention Rule
      
+
    • Modified the following sections:
      • Rule Management: Modified the descriptions of parameters Content-Type and addr.
      • Querying Bandwidth Usage Statistics: Modified the description of parameter group_by.
      
+
    
+
    2022-10-30
    
     		
 
    This is the first official release.
    
 
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Permission
    
+
    API
    
+
    Action
    
+
    Dependency Item
    
+
    IAM Project
    
+
    Querying Details about a Dedicated WAF Instance
    
+
    GET /v1/{project_id}/premium-waf/instance/{instance_id}
    
+
    waf:premiumInstance:get
    
+
    -
    
+
    √
    
+
    Deleting a Dedicated WAF Engine
    
+
    DELETE /v1/{project_id}/premium-waf/instance/{instance_id}
    
+
    waf:premiumInstance:delete
    
+
    -
    
+
    √
    
+
    Renaming a Dedicated WAF Engine
    
+
    PUT /v1/{project_id}/premium-waf/instance/{instance_id}
    
+
    waf:premiumInstance:put
    
+
    -
    
+
    √
    
+
    Creating a Dedicated WAF Engine
    
+
    POST /v1/{project_id}/premium-waf/instance
    
+
    waf:premiumInstance:create
    
+
    -
    
+
    √
    
+
    Operations on a Dedicated WAF Instance
    
+
    POST /v1/{project_id}/premium-waf/instance/{instance_id}/action
    
+
    waf:premiumInstance:put
    
+
    -
    
+
    √
    
+
    Querying the List of Dedicated WAF Engines
    
+
    GET /v1/{project_id}/premium-waf/instance
    
+
    waf:premiumInstance:list
    
+
    -
    
+
    √
    
+
    Adding a Protected Domain Name
    
+
    POST /v1/{project_id}/premium-waf/host
    
+
    waf:instance:create
    
+
    -
    
+
    √
    
+
    Querying Domain Names Protected by Dedicated WAF Engines
    
+
    GET /v1/{project_id}/premium-waf/host
    
+
    waf:instance:list
    
+
    -
    
+
    √
    
+
    Modifying a Domain Name Protected by a Dedicated WAF Instance
    
+
    PUT /v1/{project_id}/premium-waf/host/{host_id}
    
+
    waf:instance:put
    
+
    -
    
+
    √
    
+
    Querying Domain Name Settings in Dedicated Mode
    
+
    GET /v1/{project_id}/premium-waf/host/{host_id}
    
+
    waf:instance:get
    
+
    -
    
+
    √
    
+
    Deleting a Domain Name from a Dedicated WAF Instance
    
+
    DELETE /v1/{project_id}/premium-waf/host/{host_id}
    
+
    waf:instance:delete
    
+
    -
    
+
    √
    
+
    Querying Protection Policies
    
+
    GET /v1/{project_id}/waf/policy
    
+
    waf:instance:list
    
+
    -
    
+
    √
    
+
    Creating a Policy
    
+
    POST /v1/{project_id}/waf/policy
    
+
    waf:policy:create
    
+
    -
    
+
    √
    
+
    Querying a Policy by ID
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}
    
+
    waf:policy:get
    
+
    -
    
+
    √
    
+
    Updating a policy
    
+
    PATCH /v1/{project_id}/waf/policy/{policy_id}
    
+
    waf:policy:put
    
+
    -
    
+
    √
    
+
    Deleting a Policy
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}
    
+
    waf:policy:delete
    
+
    -
    
+
    √
    
+
    Changing the Status of a Blacklist or Whitelist Rule
    
+
    PUT/v1/{projectId}/waf/policy/{policyId}/whiteblackip/{ruleId}/status
    
+
    waf:whiteBlackIpRule:put
    
+
    -
    
+
    √
    
+
    Changing the Status of a CC attack protection rule
    
+
    PUT/v1/{projectId}/waf/policy/{policyId}/cc/{ruleId}/status
    
+
    waf:ccRule:put
    
+
    -
    
+
    √
    
+
    Changing the Status of a Precise Protection Rule
    
+
    PUT/v1/{projectId}/waf/policy/{policyId}/custom/{ruleId}/status
    
+
    waf:preciseProtectionRule:put
    
+
    -
    
+
    √
    
+
    Changing the Status of a Data Masking Rule
    
+
    PUT/v1/{projectId}/waf/policy/{policyId}/privacy/{ruleId}/status
    
+
    waf:privacyRule:put
    
+
    -
    
+
    √
    
+
    Changing the Status of an Information Leakage Protection Rule
    
+
    PUT/v1/{projectId}/waf/policy/{policyId}/antileakage/{ruleId}/status
    
+
    waf:antiLeakageRule:put
    
+
    -
    
+
    √
    
+
    Changing the Status of a False Alarm Masking Rule
    
+
    PUT/v1/{projectId}/waf/policy/{policyId}/ignore/{ruleId}/status
    
+
    waf:falseAlarmMaskRule:put
    
+
    -
    
+
    √
    
+
    Changing the Status of a Geolocation Access Control Rule
    
+
    PUT/v1/{projectId}/waf/policy/{policyId}/geoip/{ruleId}/status
    
+
    waf:geoIpRule:put
    
+
    -
    
+
    √
    
+
    Changing the Status of a Web Tamper Protection Rule
    
+
    PUT/v1/{projectId}/waf/policy/{policyId}/antitamper/{ruleId}/status
    
+
    waf:antiTamperRule:put
    
+
    -
    
+
    √
    
+
    Querying the Blacklist and Whitelist Rule List
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip
    
+
    waf:whiteBlackIpRule:list
    
+
    -
    
+
    √
    
+
    Creating a Blacklist or Whitelist Rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/whiteblackip
    
+
    waf:whiteBlackIpRule:create
    
+
    -
    
+
    √
    
+
    Querying a Blacklist or Whitelist Rule
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}
    
+
    waf:whiteBlackIpRule:get
    
+
    -
    
+
    √
    
+
    Updating a Blacklist or Whitelist Rule
    
+
    PUT /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}
    
+
    waf:whiteBlackIpRule:put
    
+
    -
    
+
    √
    
+
    Deleting a Blacklist or Whitelist Rule
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}/whiteblackip/{rule_id}
    
+
    waf:whiteBlackIpRule:delete
    
+
    -
    
+
    √
    
+
    Querying CC Attack Protection Rules
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/cc
    
+
    waf:ccRule:list
    
+
    -
    
+
    √
    
+
    Creating a CC attack protection rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/cc
    
+
    waf:ccRule:create
    
+
    -
    
+
    √
    
+
    Querying a CC Attack Protection Rule by ID
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}
    
+
    waf:ccRule:get
    
+
    -
    
+
    √
    
+
    Updating a CC Attack Protection Rule
    
+
    PUT /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}
    
+
    waf:ccRule:put
    
+
    -
    
+
    √
    
+
    Deleting a CC Attack Protection Rule
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}
    
+
    waf:ccRule:delete
    
+
    -
    
+
    √
    
+
    Querying Precise Protection Rules
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/custom
    
+
    waf:preciseProtectionRule:list
    
+
    -
    
+
    √
    
+
    Creating a Precise Protection Rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/custom
    
+
    waf:preciseProtectionRule:create
    
+
    -
    
+
    √
    
+
    Querying a Precise Protection Rule by ID
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}
    
+
    waf:preciseProtectionRule:get
    
+
    -
    
+
    √
    
+
    Updating a Precise Protection Rule
    
+
    PUT /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}
    
+
    waf:preciseProtectionRule:put
    
+
    -
    
+
    √
    
+
    Deleting a Precise Protection Rule
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}
    
+
    waf:preciseProtectionRule:delete
    
+
    -
    
+
    √
    
+
    Querying the Data Masking Rule List
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/privacy
    
+
    waf:privacyRule:list
    
+
    -
    
+
    √
    
+
    Creating a Data Masking Rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/privacy
    
+
    waf:privacyRule:create
    
+
    -
    
+
    √
    
+
    Querying a Data Masking Rule by ID
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}
    
+
    waf:privacyRule:get
    
+
    -
    
+
    √
    
+
    Updating the Data Masking Rule List
    
+
    PUT /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}
    
+
    waf:privacyRule:put
    
+
    -
    
+
    √
    
+
    Deleting a Data Masking Rule
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}/privacy/{rule_id}
    
+
    waf:privacyRule:delete
    
+
    -
    
+
    √
    
+
    Creating a Known Attack Source Rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/punishment
    
+
    waf:punishmentRule:create
    
+
    -
    
+
    √
    
+
    Querying the List of Known Attack Source Rules
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/punishment
    
+
    waf:punishmentRule:list
    
+
    -
    
+
    √
    
+
    Querying a Known Attack Source Rule by ID
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}
    
+
    waf:punishmentRule:get
    
+
    -
    
+
    √
    
+
    Updating a Known Attack Source Rule
    
+
    PUT /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}
    
+
    waf:punishmentRule:put
    
+
    -
    
+
    √
    
+
    Deleting a Known Attack Source Rule
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}/punishment/{rule_id}
    
+
    waf:punishmentRule:delete
    
+
    -
    
+
    √
    
+
    Querying the List of Web Tamper Protection Rules
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/antitamper
    
+
    waf:antiTamperRule:list
    
+
    -
    
+
    √
    
+
    Creating a Web Tamper Protection Rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/antitamper
    
+
    waf:antiTamperRule:create
    
+
    -
    
+
    √
    
+
    Querying a Web Tamper Protection Rule by ID
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}
    
+
    waf:antiTamperRule:get
    
+
    -
    
+
    √
    
+
    Updating the Cache for a Web Tamper Protection Rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}/refresh
    
+
    waf:antiTamperRule:create
    
+
    -
    
+
    √
    
+
    Deleting a Web Tamper Protection Rule
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}/antitamper/{rule_id}
    
+
    waf:antiTamperRule:delete
    
+
    -
    
+
    √
    
+
    Querying the List of Information Leakage Prevention Rules
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/antileakage
    
+
    waf:antiLeakageRule:list
    
+
    -
    
+
    √
    
+
    Creating an Information Leakage Protection Rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/antileakage
    
+
    waf:antiLeakageRule:create
    
+
    -
    
+
    √
    
+
    Querying an Information Leakage Prevention Rule
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}
    
+
    waf:antiLeakageRule:get
    
+
    -
    
+
    √
    
+
    Updating an Information Leakage Prevention Rule
    
+
    PUT /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}
    
+
    waf:antiLeakageRule:put
    
+
    -
    
+
    √
    
+
    Deleting an Information Leakage Prevention Rule
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}/antileakage/{rule_id}
    
+
    waf:antiLeakageRule:delete
    
+
    -
    
+
    √
    
+
    Querying the False Alarm Masking Rule List
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/ignore
    
+
    waf:falseAlarmMaskRule:list
    
+
    -
    
+
    √
    
+
    Creating a False Alarm Masking Rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/ignore
    
+
    waf:falseAlarmMaskRule:create
    
+
    -
    
+
    √
    
+
    Querying a False Alarm Masking Rule
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}
    
+
    waf:falseAlarmMaskRule:get
    
+
    -
    
+
    √
    
+
    Deleting a False Alarm Masking Rule
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}
    
+
    waf:falseAlarmMaskRule:delete
    
+
    -
    
+
    √
    
+
    Querying the List of Geolocation Access Control Rule
    
+
    GET /v1/{project_id}/waf/policy/{policy_id}/geoip
    
+
    waf:geoIpRule:get
    
+
    -
    
+
    √
    
+
    Creating a Geolocation Access Control Rule
    
+
    POST /v1/{project_id}/waf/policy/{policy_id}/geoip
    
+
    waf:geoIpRule:create
    
+
    -
    
+
    √
    
+
    Updating a Geolocation Access Control Rule
    
+
    PUT /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}
    
+
    waf:geoIpRule:put
    
+
    -
    
+
    √
    
+
    Deleting a Geolocation Access Control Rule
    
+
    DELETE /v1/{project_id}/waf/policy/{policy_id}/geoip/{rule_id}
    
+
    waf:geoIpRule:delete
    
+
    -
    
+
    √
    
+
    Querying the Reference Table List
    
+
    GET /v1/{project_id}/waf/valuelist
    
+
    waf:valuelist:list
    
+
    -
    
+
    √
    
+
    Creating a Reference Table
    
+
    POST /v1/{project_id}/waf/valuelist
    
+
    waf:valueList:create
    
+
    -
    
+
    √
    
+
    Modifying a Reference Table
    
+
    PUT /v1/{project_id}/waf/valuelist/{valuelistid}
    
+
    waf:valueList:put
    
+
    -
    
+
    √
    
+
    Deleting a Reference Table
    
+
    DELETE /v1/{project_id}/waf/valuelist/{valuelistid}
    
+
    waf:valueList:delete
    
+
    -
    
+
    √
    
+
    Querying the Certificate List
    
+
    GET /v1/{project_id}/waf/certificate
    
+
    waf:certificate:list
    
+
    -
    
+
    √
    
+
    Creating a Certificate
    
+
    POST /v1/{project_id}/waf/certificate
    
+
    waf:certificate:create
    
+
    -
    
+
    √
    
+
    Querying a Certificate
    
+
    GET /v1/{project_id}/waf/certificate/{certificate_id}
    
+
    waf:certificate:get
    
+
    -
    
+
    √
    
+
    Deleting a Certificate
    
+
    DELETE /v1/{project_id}/waf/certificate/{certificate_id}
    
+
    waf:certificate:delete
    
+
    -
    
+
    √
    
+
    Querying Website Request Statistics
    
+
    GET /v1/{project_id}/waf/overviews/statistics
    
+
    waf:event:get
    
+
    -
    
+
    √
    
+
    Querying the QPS Statistics
    
+
    GET /v1/{project_id}/waf/overviews/qps/timeline
    
+
    waf:event:get
    
+
    -
    
+
    √
    
+
    Querying Bandwidth Usage Statistics
    
+
    GET /v1/{project_id}/waf/overviews/bandwidth/timeline
    
+
    waf:event:get
    
+
    -
    
+
    √
    
+
    Querying the List of Attack Event
    
+
    GET /v1/{project_id}/waf/event
    
+
    waf:event:get
    
+
    -
    
+
    √
    
+
    Querying Attack Event Details
    
+
    GET /v1/{project_id}/waf/event/{eventid}
    
+
    waf:event:get
    
+
    -
    
+
    √
    
+
    
+
    
+
+
+
    
+
    
+
    Parent topic: Permissions and Supported Actions
    
+
    
+
    
+
diff --git a/docs/wafd/api-ref/waf_02_0186.html b/docs/wafd/api-ref/waf_02_0186.html
new file mode 100644
index 00000000..5c400de1
--- /dev/null
+++ b/docs/wafd/api-ref/waf_02_0186.html
@@ -0,0 +1,1042 @@
+
+
+
    Geographical Location Codes
    
+
    
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    Geographical Location Code
    
+
    Geolocation
    
+
    Code
    
+
    Geolocation
    
+
    Code
    
+
    Geolocation
    
+
    Afghanistan
    
+
    Afghanistan
    
+
    Djibouti
    
+
    Djibouti
    
+
    Liechtenstein
    
+
    Liechtenstein
    
+
    Ahvenanmaa
    
+
    Ahvenanmaa
    
+
    Dominica
    
+
    Dominica
    
+
    Lithuania
    
+
    Lithuania
    
+
    Albania
    
+
    Albania
    
+
    Dominican Republic
    
+
    Dominican Republic
    
+
    Luxembourg
    
+
    Luxembourg
    
+
    Algeria
    
+
    Algeria
    
+
    East Timor
    
+
    East Timor
    
+
    Spain
    
+
    Spain
    
+
    American Samoa
    
+
    American Samoa
    
+
    Ecuador
    
+
    Ecuador
    
+
    Madagascar
    
+
    Madagascar
    
+
    Andorra
    
+
    Andorra
    
+
    Egypt
    
+
    Egypt
    
+
    Malawi
    
+
    Malawi
    
+
    Angola
    
+
    Angola
    
+
    El Salvador
    
+
    El Salvador
    
+
    Malaysia
    
+
    Malaysia
    
+
    Anguilla
    
+
    Anguilla
    
+
    Equatorial Guinea
    
+
    Equatorial Guinea
    
+
    Maldives
    
+
    Maldives
    
+
    Antigua and Barbuda
    
+
    Antigua and Barbuda
    
+
    Eritrea
    
+
    Eritrea
    
+
    Mali
    
+
    Mali
    
+
    Argentina
    
+
    Argentina
    
+
    Estonia
    
+
    Estonia
    
+
    Malta
    
+
    Malta
    
+
    Armenia
    
+
    Armenia
    
+
    Ethiopia
    
+
    Ethiopia
    
+
    Marshall Islands
    
+
    Marshall Islands
    
+
    Aruba
    
+
    Aruba
    
+
    Falkland Islands
    
+
    Falkland Islands
    
+
    Martinique
    
+
    Martinique
    
+
    AU
    
+
    Australia
    
+
    Faroe Islands
    
+
    Faroe Islands
    
+
    Mauritania
    
+
    Mauritania
    
+
    Austria
    
+
    Austria
    
+
    Fiji
    
+
    Fiji
    
+
    Mauritius
    
+
    Mauritius
    
+
    Azerbaijan
    
+
    Azerbaijan
    
+
    Finland
    
+
    Finland
    
+
    Mayotte
    
+
    Mayotte
    
+
    Bahamas
    
+
    Bahamas
    
+
    FR
    
+
    France
    
+
    Mexico
    
+
    Mexico
    
+
    Bahrain
    
+
    Bahrain
    
+
    French Guiana
    
+
    French Guiana
    
+
    Micronesia
    
+
    Micronesia
    
+
    Bangladesh
    
+
    Bangladesh
    
+
    French Polynesia
    
+
    French Polynesia
    
+
    Moldova
    
+
    Moldova
    
+
    Barbados
    
+
    Barbados
    
+
    Gabon
    
+
    Gabon
    
+
    Monaco
    
+
    Monaco
    
+
    Belarus
    
+
    Belarus
    
+
    Gambia
    
+
    Gambia
    
+
    Mongolia
    
+
    Mongolia
    
+
    Belgium
    
+
    Belgium
    
+
    Georgia
    
+
    Georgia
    
+
    Montenegro
    
+
    Montenegro
    
+
    Belize
    
+
    Belize
    
+
    Ghana
    
+
    Ghana
    
+
    Montserrat
    
+
    Montserrat
    
+
    Benin
    
+
    Benin
    
+
    Gibraltar
    
+
    Gibraltar
    
+
    Morocco
    
+
    Morocco
    
+
    Bermuda
    
+
    Bermuda
    
+
    Greece
    
+
    Greece
    
+
    Mozambique
    
+
    Mozambique
    
+
    Bhutan
    
+
    Bhutan
    
+
    Greenland
    
+
    Greenland
    
+
    Myanmar
    
+
    Myanmar
    
+
    Bolivia
    
+
    Bolivia
    
+
    Grenada
    
+
    Grenada
    
+
    Namibia
    
+
    Namibia
    
+
    Bosnia and Herzegovina
    
+
    Bosnia and Herzegovina
    
+
    Guadeloupe
    
+
    Guadeloupe
    
+
    Nauru
    
+
    Nauru
    
+
    Botswana
    
+
    Botswana
    
+
    Guam
    
+
    Guam
    
+
    Nepal
    
+
    Nepal
    
+
    Bouvet Island
    
+
    Bouvet Island
    
+
    Guatemala
    
+
    Guatemala
    
+
    New Caledonia
    
+
    New Caledonia
    
+
    BR
    
+
    Brazil
    
+
    Guernsey
    
+
    Guernsey
    
+
    New Zealand
    
+
    New Zealand
    
+
    British Indian Ocean Territory
    
+
    British Indian Ocean Territory
    
+
    Guinea
    
+
    Guinea
    
+
    Nicaragua
    
+
    Nicaragua
    
+
    British Virgin Islands
    
+
    British Virgin Islands
    
+
    Guinea-Bissau
    
+
    Guinea-Bissau
    
+
    Niger
    
+
    Niger
    
+
    Brunei Darussalam
    
+
    Brunei Darussalam
    
+
    Guyana
    
+
    Guyana
    
+
    Nigeria
    
+
    Nigeria
    
+
    Bulgaria
    
+
    Bulgaria
    
+
    Haiti
    
+
    Haiti
    
+
    Niue
    
+
    Niue
    
+
    Burkina Faso
    
+
    Burkina Faso
    
+
    Honduras
    
+
    Honduras
    
+
    Norfolk Island
    
+
    Norfolk Island
    
+
    Burundi
    
+
    Burundi
    
+
    Hungary
    
+
    Hungary
    
+
    North Korea
    
+
    North Korea
    
+
    CA
    
+
    Canada
    
+
    Iceland
    
+
    Iceland
    
+
    Northern Mariana Islands
    
+
    Northern Mariana Islands
    
+
    Cambodia
    
+
    Cambodia
    
+
    IN
    
+
    India
    
+
    Norway
    
+
    Norway
    
+
    Cameroon
    
+
    Cameroon
    
+
    Indonesia
    
+
    Indonesia
    
+
    Oman
    
+
    Oman
    
+
    Cape Verde
    
+
    Cape Verde
    
+
    Turkmenistan
    
+
    Turkmenistan
    
+
    Pakistan
    
+
    Pakistan
    
+
    Caribbean Netherlands
    
+
    Caribbean Netherlands
    
+
    Iraq
    
+
    Iraq
    
+
    Palau
    
+
    Palau
    
+
    Cayman Islands
    
+
    Cayman Islands
    
+
    Ireland
    
+
    Ireland
    
+
    Palestine
    
+
    Palestine
    
+
    Central African Republic
    
+
    Central African Republic
    
+
    Isle of Man
    
+
    Isle of Man
    
+
    Panama
    
+
    Panama
    
+
    Chad
    
+
    Chad
    
+
    Israel
    
+
    Israel
    
+
    Papua New Guinea
    
+
    Papua New Guinea
    
+
    Chile
    
+
    Chile
    
+
    Italy
    
+
    Italy
    
+
    Paraguay
    
+
    Paraguay
    
+
    Christmas Island
    
+
    Christmas Island
    
+
    Jamaica
    
+
    Jamaica
    
+
    Peru
    
+
    Peru
    
+
    Colombia
    
+
    Colombia
    
+
    Jersey
    
+
    Jersey
    
+
    Philippines
    
+
    Philippines
    
+
    Comoros
    
+
    Comoros
    
+
    Jordan
    
+
    Jordan
    
+
    Poland
    
+
    Poland
    
+
    Congo
    
+
    Congo
    
+
    JP
    
+
    Japan
    
+
    Portugal
    
+
    Portugal
    
+
    Congo, Democratic Republic
    
+
    Congo, Democratic Republic
    
+
    Kazakhstan
    
+
    Kazakhstan
    
+
    Puerto Rico
    
+
    Puerto Rico
    
+
    Cook Islands
    
+
    Cook Islands
    
+
    Kenya
    
+
    Kenya
    
+
    Qatar
    
+
    Qatar
    
+
    Costa Rica
    
+
    Costa Rica
    
+
    Kiribati
    
+
    Kiribati
    
+
    Reunion
    
+
    Reunion
    
+
    Cote D'Ivoire (Ivory Coast)
    
+
    Cote D'Ivoire (Ivory Coast)
    
+
    Kuwait
    
+
    Kuwait
    
+
    Romania
    
+
    Romania
    
+
    Croatia
    
+
    Croatia
    
+
    Kyrgyzstan
    
+
    Kyrgyzstan
    
+
    Turks and Caicos Islands
    
+
    Turks and Caicos Islands
    
+
    Cuba
    
+
    Cuba
    
+
    Laos
    
+
    Laos
    
+
    Rwanda
    
+
    Rwanda
    
+
    Curaao
    
+
    Curaao
    
+
    Latvia
    
+
    Latvia
    
+
    Saint Barthelemy
    
+
    Saint Barthelemy
    
+
    Cyprus
    
+
    Cyprus
    
+
    Lebanon
    
+
    Lebanon
    
+
    Saint Kitts and Nevis
    
+
    Saint Kitts and Nevis
    
+
    Czech Republic
    
+
    Czech Republic
    
+
    Lesotho
    
+
    Lesotho
    
+
    Saint Lucia
    
+
    Saint Lucia
    
+
    DE
    
+
    Germany
    
+
    Liberia
    
+
    Liberia
    
+
    Saint Martin
    
+
    Saint Martin
    
+
    Denmark
    
+
    Denmark
    
+
    Libya
    
+
    Libya
    
+
    Saint Vincent and the Grenadines
    
+
    Saint Vincent and the Grenadines
    
+
    Saint-Pierre and Miquelon
    
+
    Saint-Pierre and Miquelon
    
+
    Sultan
    
+
    Sultan
    
+
    Tuvalu
    
+
    Tuvalu
    
+
    Samoa
    
+
    Samoa
    
+
    Suriname
    
+
    Suriname
    
+
    Uganda
    
+
    Uganda
    
+
    San Marino
    
+
    San Marino
    
+
    Swaziland
    
+
    Swaziland
    
+
    UK
    
+
    United Kingdom
    
+
    Sao Tome and Principe
    
+
    Sao Tome and Principe
    
+
    Sweden
    
+
    Sweden
    
+
    United Arab Emirates
    
+
    United Arab Emirates
    
+
    Saudi Arabia
    
+
    Saudi Arabia
    
+
    Switzerland
    
+
    Switzerland
    
+
    United States Virgin Islands
    
+
    United States Virgin Islands
    
+
    Senegal
    
+
    Senegal
    
+
    Syria
    
+
    Syria
    
+
    Uruguay
    
+
    Uruguay
    
+
    Serbia
    
+
    Serbia
    
+
    Tajikistan
    
+
    Tajikistan
    
+
    US
    
+
    United States
    
+
    Seychelles
    
+
    Seychelles
    
+
    Tanzania
    
+
    Tanzania
    
+
    Uzbekistan
    
+
    Uzbekistan
    
+
    Sierra Leone
    
+
    Sierra Leone
    
+
    Thailand
    
+
    Thailand
    
+
    Vanuatu
    
+
    Vanuatu
    
+
    Singapore
    
+
    Singapore
    
+
    The Netherlands
    
+
    The Netherlands
    
+
    Vatican City
    
+
    Vatican City
    
+
    Sint Maarten
    
+
    Sint Maarten
    
+
    The Republic of Korea
    
+
    The Republic of Korea
    
+
    Venezuela
    
+
    Venezuela
    
+
    Slovakia
    
+
    Slovakia
    
+
    The Republic of Kosovo
    
+
    The Republic of Kosovo
    
+
    Viet Nam
    
+
    Vietnam
    
+
    Slovenia
    
+
    Slovenia
    
+
    Togo
    
+
    Togo
    
+
    Wallis and Futuna
    
+
    Wallis and Futuna
    
+
    Solomon Islands
    
+
    Solomon Islands
    
+
    Tokelau
    
+
    Tokelau
    
+
    Yemen
    
+
    Yemen
    
+
    Somalia
    
+
    Somalia
    
+
    Tonga
    
+
    Tonga
    
+
    Zambia
    
+
    Zambia
    
+
    South Africa
    
+
    South Africa
    
+
    Trinidad and Tobago
    
+
    Trinidad and Tobago
    
+
    Zimbabwe
    
+
    Zimbabwe
    
+
    South Georgia and The South Sandwich Islands
    
+
    South Georgia and The South Sandwich Islands
    
+
    Tunisia
    
+
    Tunisia
    
+
    Sri Lanka
    
+
    Sri Lanka
    
+
    South Sudan
    
+
    South Sudan
    
+
    -
    
+
    -
    
+
    -
    
+
    -
    
+
    
+
    
+
    
+
    
+
    
+
    Parent topic: Appendix
    
+
    
+
    
+