forked from docs/doc-exports
Li, Qiao
d62a949ca4
Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com> Co-authored-by: Li, Qiao <qiaoli@huawei.com> Co-committed-by: Li, Qiao <qiaoli@huawei.com>
546 lines
32 KiB
HTML
546 lines
32 KiB
HTML
<a name="UpdateIgnoreRule"></a><a name="UpdateIgnoreRule"></a>
|
|
|
|
<h1 class="topictitle1">Updating a Global Protection Whitelist (False Alarm Masking) Rule</h1>
|
|
<div><div class="section"><h4 class="sectiontitle">Function</h4><p>This API is used to update a global protection whitelist (false alarm masking) rule.</p>
|
|
</div>
|
|
<div class="section" id="UpdateIgnoreRule__atuogenerate_1"><h4 class="sectiontitle">URI</h4><p>PUT /v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}</p>
|
|
|
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Path Parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.2.3.2.5.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.2.3.2.5.1.2"><p>Mandatory</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.2.3.2.5.1.3"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="40%" id="mcps1.3.2.3.2.5.1.4"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.1 "><p>project_id</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.2 "><p>Yes</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.2.3.2.5.1.4 "><p>Project ID</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.1 "><p>policy_id</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.2 "><p>Yes</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.2.3.2.5.1.4 "><p>Policy ID. It can be obtained by calling the <strong>ListPolicy</strong> API.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.1 "><p>rule_id</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.2 "><p>Yes</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.2.3.2.5.1.4 "><p>ID of the false alarm masking rule. It can be obtained by calling the <strong>ListIgnoreRules</strong> API.</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Request Parameters</h4>
|
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__HeaderParameter" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Request header parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.2.2.5.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.2.2.5.1.2"><p>Mandatory</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.2.2.5.1.3"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="40%" id="mcps1.3.3.2.2.5.1.4"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.1 "><p>X-Auth-Token</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.2 "><p>Yes</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.2.2.5.1.4 "><p>User token</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.1 "><p>Content-Type</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.2 "><p>No</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.2.2.5.1.4 "><p>Content type</p>
|
|
<p>Default: <strong>application/json;charset=utf8</strong></p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
|
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__request_UpdateIgnoreRuleRequestBody" frame="border" border="1" rules="all"><caption><b>Table 3 </b>Request body parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.3.2.5.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.3.2.5.1.2"><p>Mandatory</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.3.2.5.1.3"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="40%" id="mcps1.3.3.3.2.5.1.4"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.1 "><p>domain</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.2 "><p>Yes</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.3 "><p>Array of strings</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.3.2.5.1.4 "><p>Domain names to be protected. If the array length is <strong>0</strong>, this rule will take effect for all domain names that are protected by the policies this rule belongs to.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.1 "><p>conditions</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.2 "><p>Yes</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.3 "><p>Array of <a href="#UpdateIgnoreRule__request_CreateCondition">CreateCondition</a> objects</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.3.2.5.1.4 "><p>Condition list</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.1 "><p>mode</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.2 "><p>Yes</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.3 "><p>Integer</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.3.2.5.1.4 "><p>The value is fixed at <strong>1</strong>, indicating v2 false alarm masking rules.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.1 "><p>rule</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.2 "><p>Yes</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.3.2.5.1.4 "><p>Items to be masked. You can provide multiple items and separate them with semicolons (;).</p>
|
|
<ul><li><p>If you want to disable a specific built-in rule for a domain name, the value of this parameter is the rule ID. When requests are blocked against a certain built-in rule while you do not want this rule to block requests later, you can query the rule in the <strong>Events</strong> page on the console and find its rule ID in the <strong>Hit Rule</strong> column. Then, you can disk the rule by its ID (including 6 digits).</p>
|
|
</li><li><p>If you want to mask a type of basic web protection rules, set this parameter to the name of the type of basic web protection rules. <strong>xss</strong>: XSS attacks <strong>webshell</strong>: Web shells <strong>vuln</strong>: Other types of attacks <strong>sqli</strong>: SQL injection attack <strong>robot</strong>: Malicious crawlers <strong>rfi</strong>: Remote file inclusion <strong>lfi</strong>: Local file inclusion <strong>cmdi</strong>: Command injection attack</p>
|
|
</li><li><p>To bypass the basic web protection, set this parameter to <strong>all</strong>.</p>
|
|
</li><li><p>To bypass all WAF protection, set this parameter to <strong>bypass</strong>.</p>
|
|
</li></ul>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.1 "><p>advanced</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.2 "><p>No</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.3 "><p>Array of <a href="#UpdateIgnoreRule__request_Advanced">Advanced</a> objects</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.3.2.5.1.4 "><p>To ignore attacks of a specific field, specify the field in the Advanced settings area. After you add the rule, WAF will stop blocking attacks of the specified field. This parameter is not included if all modules are bypassed.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.1 "><p>description</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.2 "><p>No</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.3.2.5.1.4 "><p>Description of the rule</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
|
|
<div class="tablenoborder"><a name="UpdateIgnoreRule__request_CreateCondition"></a><a name="request_CreateCondition"></a><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__request_CreateCondition" frame="border" border="1" rules="all"><caption><b>Table 4 </b>CreateCondition</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.4.2.5.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.4.2.5.1.2"><p>Mandatory</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.4.2.5.1.3"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="40%" id="mcps1.3.3.4.2.5.1.4"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>category</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p>Field type. The value can be <strong>url</strong>, <strong>ip</strong>, <strong>params</strong>, <strong>cookie</strong>, or <strong>header</strong>.</p>
|
|
<p>Enumeration values:</p>
|
|
<ul><li><p><strong>url</strong></p>
|
|
</li><li><p><strong>ip</strong></p>
|
|
</li><li><p><strong>params</strong></p>
|
|
</li><li><p><strong>cookie</strong></p>
|
|
</li><li><p><strong>header</strong></p>
|
|
</li></ul>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>contents</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>Array of strings</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p>Content. The array length is limited to <strong>1</strong>. The content format varies depending on the field type. For example, if the field type is <strong>ip</strong>, the value must be an IP address or IP address range. If the field type is <strong>url</strong>, the value must be in the standard URL format. IF the field type is <strong>params</strong>, <strong>cookie</strong>, or <strong>header</strong>, the content format is not limited.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>logic_operation</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p>The matching logic varies depending on the field type. For example, if the field type is <strong>ip</strong>, the logic can be <strong>equal</strong> or <strong>not_equal</strong>. If the field type is <strong>url</strong>, <strong>params</strong>, <strong>cookie</strong>, or <strong>header</strong>, the logic can be <strong>equal</strong>, <strong>not_equal</strong>, <strong>contain</strong>, <strong>not_contain</strong>, <strong>prefix</strong>, <strong>not_prefix</strong>, <strong>suffix</strong>, <strong>not_suffix</strong>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>index</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p>If the field type is <strong>ip</strong> and the subfield is the client IP address, the <strong>index</strong> parameter is not required. If the subfield type is <strong>X-Forwarded-For</strong>, the value is <strong>x-forwarded-for</strong>; If the field type is <strong>params</strong>, <strong>header</strong>, or <strong>cookie</strong>, and the subfield is user-defined, the value of <strong>index</strong> is the user-defined subfield.</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
|
|
<div class="tablenoborder"><a name="UpdateIgnoreRule__request_Advanced"></a><a name="request_Advanced"></a><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__request_Advanced" frame="border" border="1" rules="all"><caption><b>Table 5 </b>Advanced</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.5.2.5.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.5.2.5.1.2"><p>Mandatory</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.5.2.5.1.3"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="40%" id="mcps1.3.3.5.2.5.1.4"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.5.2.5.1.1 "><p>index</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.5.2.5.1.2 "><p>No</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.5.2.5.1.3 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.5.2.5.1.4 "><p>Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.</p>
|
|
<ul><li><p>When you select <strong>Params</strong>, <strong>Cookie</strong>, or <strong>Header</strong>, you can set this parameter to <strong>all</strong> or configure subfields as required.</p>
|
|
</li><li><p>When you select <strong>Body</strong> or <strong>Multipart</strong>, set this parameter to <strong>all</strong>.</p>
|
|
</li></ul>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.5.2.5.1.1 "><p>contents</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.5.2.5.1.2 "><p>No</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.5.2.5.1.3 "><p>Array of strings</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.5.2.5.1.4 "><p>Subfield of the specified field type. The default value is <strong>all</strong>.</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Response Parameters</h4><p><strong>Status code: 200</strong></p>
|
|
|
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__response_UpdateIgnoreRuleResponseBody" frame="border" border="1" rules="all"><caption><b>Table 6 </b>Response body parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.3.2.4.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.3.2.4.1.2"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.4.3.2.4.1.3"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.1 "><p>id</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.3.2.4.1.3 "><p>Rule ID</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.1 "><p>policyid</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.3.2.4.1.3 "><p>Policy ID</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.1 "><p>rule</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.3.2.4.1.3 "><p>Items to be masked. You can provide multiple items and separate them with semicolons (;).</p>
|
|
<ul><li><p>If you want to disable a specific built-in rule for a domain name, the value of this parameter is the rule ID. When requests are blocked against a certain built-in rule while you do not want this rule to block requests later, you can query the rule in the <strong>Events</strong> page on the console and find its rule ID in the <strong>Hit Rule</strong> column. Then, you can disk the rule by its ID (including 6 digits).</p>
|
|
</li><li><p>If you want to mask a type of basic web protection rules, set this parameter to the name of the type of basic web protection rules. <strong>xss</strong>: XSS attacks <strong>webshell</strong>: Web shells <strong>vuln</strong>: Other types of attacks <strong>sqli</strong>: SQL injection attack <strong>robot</strong>: Malicious crawlers <strong>rfi</strong>: Remote file inclusion <strong>lfi</strong>: Local file inclusion <strong>cmdi</strong>: Command injection attack</p>
|
|
</li><li><p>To bypass the basic web protection, set this parameter to <strong>all</strong>.</p>
|
|
</li><li><p>To bypass all WAF protection, set this parameter to <strong>bypass</strong>.</p>
|
|
</li></ul>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.1 "><p>mode</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.2 "><p>Integer</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.3.2.4.1.3 "><p>The value is fixed at <strong>1</strong>, indicating v2 false alarm masking rules are used.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.1 "><p>conditions</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.2 "><p>Array of <a href="#UpdateIgnoreRule__response_Condition">Condition</a> objects</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.3.2.4.1.3 "><p>Condition list</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.1 "><p>advanced</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.2 "><p>Array of <a href="#UpdateIgnoreRule__response_Advanced">Advanced</a> objects</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.3.2.4.1.3 "><p>Advanced settings</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.1 "><p>domain</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.2 "><p>Array of strings</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.3.2.4.1.3 "><p>Domain names to be protected. If the array length is <strong>0</strong>, this rule will take effect for all domain names that are protected by the policies this rule belongs to.</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
|
|
<div class="tablenoborder"><a name="UpdateIgnoreRule__response_Condition"></a><a name="response_Condition"></a><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__response_Condition" frame="border" border="1" rules="all"><caption><b>Table 7 </b>Condition</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.4.2.4.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.4.2.4.1.2"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.4.4.2.4.1.3"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p>category</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p>Field type. The value can be <strong>ip</strong>, <strong>url</strong>, <strong>params</strong>, <strong>cookie</strong>, or <strong>header</strong>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p>contents</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p>Array of strings</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p>Content. The array length must be 1. The content format varies depending on field types. For example, if the field type is ip, the value must be an IP address or IP address range. If the field type is url, the value must be a URL in standard format. If the field type is params, cookie, or header, the content format is not limited.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p>logic_operation</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p>The matching logic varies depending on the field type. For example, if the field type is <strong>ip</strong>, the logic can be <strong>equal</strong> or <strong>not_equal</strong>. If the field type is <strong>url</strong>, <strong>params</strong>, <strong>cookie</strong>, or <strong>header</strong>, the logic can be <strong>equal</strong>, <strong>not_equal</strong>, <strong>contain</strong>, <strong>not_contain</strong>, <strong>prefix</strong>, <strong>not_prefix</strong>, <strong>suffix</strong>, <strong>not_suffix</strong>.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p>check_all_indexes_logic</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p>Integer</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p>This parameter is reserved and can be ignored.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p>index</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p>If the field type is <strong>ip</strong> and the subfield is the client IP address, the <strong>index</strong> parameter does not exist. If the subfield type is <strong>X-Forwarded-For</strong>, the value is <strong>x-forwarded-for</strong>. If the field type is <strong>params</strong>, <strong>header</strong>, or <strong>cookie</strong>, and the subfield is user-defined, the value of <strong>index</strong> is the user-defined subfield.</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
|
|
<div class="tablenoborder"><a name="UpdateIgnoreRule__response_Advanced"></a><a name="response_Advanced"></a><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__response_Advanced" frame="border" border="1" rules="all"><caption><b>Table 8 </b>Advanced</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.5.2.4.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.5.2.4.1.2"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.4.5.2.4.1.3"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.5.2.4.1.1 "><p>index</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.5.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.5.2.4.1.3 "><p>Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.</p>
|
|
<ul><li><p>When you select <strong>Params</strong>, <strong>Cookie</strong>, or <strong>Header</strong>, you can set this parameter to <strong>all</strong> or configure subfields as required.</p>
|
|
</li><li><p>When you select <strong>Body</strong> or <strong>Multipart</strong>, set this parameter to <strong>all</strong>.</p>
|
|
</li></ul>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.5.2.4.1.1 "><p>contents</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.5.2.4.1.2 "><p>Array of strings</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.5.2.4.1.3 "><p>Subfield of the specified field type. The default value is <strong>all</strong>.</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<p><strong>Status code: 400</strong></p>
|
|
|
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__response_RestErrorResponse" frame="border" border="1" rules="all"><caption><b>Table 9 </b>Response body parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.7.2.4.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.7.2.4.1.2"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.4.7.2.4.1.3"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.7.2.4.1.1 "><p>error_code</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.7.2.4.1.3 "><p>Error code</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.7.2.4.1.1 "><p>error_msg</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.7.2.4.1.3 "><p>Error message</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<p><strong>Status code: 401</strong></p>
|
|
|
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__response_RestErrorResponse_1" frame="border" border="1" rules="all"><caption><b>Table 10 </b>Response body parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.9.2.4.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.9.2.4.1.2"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.4.9.2.4.1.3"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.9.2.4.1.1 "><p>error_code</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.9.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.9.2.4.1.3 "><p>Error code</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.9.2.4.1.1 "><p>error_msg</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.9.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.9.2.4.1.3 "><p>Error message</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<p><strong>Status code: 500</strong></p>
|
|
|
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__response_RestErrorResponse_2" frame="border" border="1" rules="all"><caption><b>Table 11 </b>Response body parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.11.2.4.1.1"><p>Parameter</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.11.2.4.1.2"><p>Type</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.4.11.2.4.1.3"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.11.2.4.1.1 "><p>error_code</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.11.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.11.2.4.1.3 "><p>Error code</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.11.2.4.1.1 "><p>error_msg</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.11.2.4.1.2 "><p>String</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.11.2.4.1.3 "><p>Error message</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Example Requests</h4><pre class="screen">PUT https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/ignore/{rule_id}?
|
|
|
|
{
|
|
"domain" : [ "www.example.com" ],
|
|
"mode" : 1,
|
|
"description" : "",
|
|
"conditions" : [ {
|
|
"category" : "ip",
|
|
"logic_operation" : "equal",
|
|
"index" : null,
|
|
"contents" : [ "x.x.x.x" ]
|
|
} ],
|
|
"rule" : "006602"
|
|
}</pre>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Example Responses</h4><p><strong>Status code: 200</strong></p>
|
|
<p>Request succeeded.</p>
|
|
<pre class="screen">{
|
|
"id" : "40484384970948d79fffe4e4ae1fc54d",
|
|
"policyid" : "f385eceedf7c4c34a4d1def19eafbe85",
|
|
"timestamp" : 1650512535222,
|
|
"description" : "demo",
|
|
"status" : 1,
|
|
"rule" : "006602",
|
|
"mode" : 1,
|
|
"conditions" : [ {
|
|
"category" : "ip",
|
|
"contents" : [ "x.x.x.x" ],
|
|
"logic_operation" : "equal"
|
|
} ],
|
|
"domain" : [ "www.example.com" ]
|
|
}</pre>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Status Codes</h4>
|
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="UpdateIgnoreRule__status_code" frame="border" border="1" rules="all"><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="15%" id="mcps1.3.7.2.1.3.1.1"><p>Status Code</p>
|
|
</th>
|
|
<th align="left" class="cellrowborder" valign="top" width="85%" id="mcps1.3.7.2.1.3.1.2"><p>Description</p>
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody><tr><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p>200</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p>Request succeeded.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p>400</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p>Request failed.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p>401</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p>The token does not have required permissions.</p>
|
|
</td>
|
|
</tr>
|
|
<tr><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p>500</p>
|
|
</td>
|
|
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p>Internal server error.</p>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Error Codes</h4><p>See <a href="ErrorCode.html">Error Codes</a>.</p>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="topic_300000003.html">Rule Management</a></div>
|
|
</div>
|
|
</div>
|
|
|