vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/waf/api-ref/waf_02_0030.html
Li, Qiao 914011d51b waf_api_1109 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Li, Qiao <qiaoli@huawei.com>
Co-committed-by: Li, Qiao <qiaoli@huawei.com>
2022-11-16 15:31:27 +00:00

28 KiB
Raw Permalink Blame History

Creating a Policy

Function Description

This API is used to create a policy.

URI

  • URI format

    POST /v1/{project_id}/waf/policy

  • Parameter description
    Table 1 Path parameters

    Parameter

    Mandatory

    Type

    Description

    project_id

    Yes

    String

    Specifies the project ID.

Request

Request parameters
Table 2 Parameter description

Parameter

Mandatory

Type

Description

name

Yes

String

Specifies the policy name. The maximum length is 256 characters. Only digits, letters, underscores (_), and hyphens (-) are allowed.

Response

Response parameters
Table 3 Parameter description

Parameter

Type

Description

id

String

Specifies the instance ID.

name

String

Specifies the policy name.

options

Table 4

Specifies whether a protection rule is enabled.

action

Table 5

Specifies the mode of Basic Web Protection. The default value is log.

  • block: WAF blocks and logs detected attacks.
  • log: WAF logs detected attacks only.

level

Integer

Specifies the protection level.

  • 1: low
  • 2: medium
  • 3: high

full_detection

Boolean

Specifies the detection mode in Precise Protection.

hosts

Array

Specifies the domain IDs.

timestamp

Long

Specifies the time when a policy is created.
Table 4 options

Parameter

Type

Description

webattack

Boolean

Specifies whether Basic Web Protection is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.

common

Boolean

Specifies whether General Check in Basic Web Protection is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.

crawler

Boolean

Specifies whether the master crawler detection switch in Basic Web Protection is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.

crawler_engine

Boolean

Specifies whether the Search Engine switch in Basic Web Protection is enabled. By default, this function is disabled.

  • true: enabled.
  • false: disabled.

crawler_scanner

Boolean

Specifies whether the Scanner switch in Basic Web Protection is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.

crawler_script

Boolean

Specifies whether the Script Tool switch in Basic Web Protection is enabled. By default, this function is disabled.

  • true: enabled.
  • false: disabled.

crawler_other

Boolean

Specifies whether detection of other crawlers in Basic Web Protection is enabled. By default, this function is disabled.

  • true: enabled.
  • false: disabled.

webshell

Boolean

Specifies whether webshell detection in Basic Web Protection is enabled. By default, this function is disabled.

  • true: enabled.
  • false: disabled.

cc

Boolean

Specifies whether CC Attack Protection is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.

custom

Boolean

Specifies whether Precise Protection is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.

whiteblackip

Boolean

Specifies whether Blacklist and Whitelist is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.

privacy

Boolean

Specifies whether Data Masking is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.

Ignore

Boolean

Specifies whether False Alarm Masking is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.

antitamper

Boolean

Specifies whether Web Tamper Protection is enabled. By default, this function is enabled.

  • true: enabled.
  • false: disabled.
Table 5 action

Parameter

Type

Description

category

String

Specifies the mode of Basic Web Protection. The default value is log.

  • block: WAF blocks and logs detected attacks.
  • log: WAF logs detected attacks only.

Examples

A policy named policy_1 is used as an example.

  • Request example
    {
  "name": "policy_1"
}
  • Response example
    {
          "id": "xxxxxxxxxxxxxxxxxxxxxxxxx",
          "name": "policy_1",
          "action": {
              "category": "block"
           },
           "options": {
               "webattack": true,
               "common": true,
               "crawler": true,
               "crawler_engine": true,
               "crawler_scanner": true,
               "crawler_script": true,
               "crawler_other": true,
               "webshell": true,
               "cc": true,
               "custom": true,
               "whiteblackip": true,
               "ignore": true,
               "privacy": true,
               "antitamper": true
            },
           "level": 1,
           "full_detection": false,
           "hosts": [],
           "timestamp": 1499817612
}

Status Code

Table 6 describes the normal status code returned by the API.
Table 6 Status code

Status Code

Description

Meaning

200

OK

The request has succeeded.

For details about error status codes, see Status Codes.

Parent topic: Policies