Updating a Protection Policy
Function
This API is used to update a protection policy. The request body can contain only the part that needs to be updated.
Debugging
You can use API Explorer to debug this API.
URI
PATCH /v1/{project_id}/waf/policy/{policy_id}
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| project_id | Yes | String | Project ID |
| policy_id | Yes | String | Policy ID. It can be obtained by calling the API for querying the policy list. |
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| enterprise_project_id | No | String | Enterprise project ID |
Request Parameters
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| X-Auth-Token | Yes | String | User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header). |
| Content-Type | Yes | String | Content type Default: application/json;charset=utf8 |
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| name | No | String | Policy name |
| action | No | PolicyAction object | Operation |
| options | No | PolicyOption object | Option |
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| category | No | String | Protection level. The options are log and block. |
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| webattack | No | Boolean | Whether basic web protection is enabled |
| common | No | Boolean | Whether general check is enabled |
| crawler | No | Boolean | Whether anti-crawler is enabled |
| crawler_engine | No | Boolean | Whether the search engine check is enabled |
| crawler_scanner | No | Boolean | Whether anti-crawler is enabled |
| crawler_script | No | Boolean | Whether JavaScript-based anti-crawler is enabled |
| crawler_other | No | Boolean | Whether the other check item of anti-crawler is enabled |
| webshell | No | Boolean | Whether web shell check is enabled |
| cc | No | Boolean | Whether the CC attack protection is enabled |
| custom | No | Boolean | Whether precise protection is enabled |
| whiteblackip | No | Boolean | Whether blacklist and whitelist protection is enabled |
| ignore | No | Boolean | Whether false alarm masking is enabled |
| privacy | No | Boolean | Whether data masking is enabled |
| antitamper | No | Boolean | Whether web tamper protection is enabled |
Response Parameters
Status code: 200
| Parameter | Type | Description |
|---|---|---|
| id | String | Policy ID |
| name | String | Policy name |
| action | PolicyAction object | Operation |
| options | PolicyOption object | Option |
| level | Integer | Protection level |
| full_detection | Boolean | Detection mode in a precise protection rule |
| bind_host | Array of BindHost objects | Basic information about the protected domain name |
| timestamp | Long | Time the policy was created |
| extend | Map<String,String> | Extended field |
| Parameter | Type | Description |
|---|---|---|
| category | String | Protection level. The options are log and block. |
| Parameter | Type | Description |
|---|---|---|
| webattack | Boolean | Whether basic web protection is enabled |
| common | Boolean | Whether general check is enabled |
| crawler | Boolean | Whether anti-crawler is enabled |
| crawler_engine | Boolean | Whether the search engine check is enabled |
| crawler_scanner | Boolean | Whether anti-crawler is enabled |
| crawler_script | Boolean | Whether JavaScript-based anti-crawler is enabled |
| crawler_other | Boolean | Whether the other check item of anti-crawler is enabled |
| webshell | Boolean | Whether web shell check is enabled |
| cc | Boolean | Whether the CC attack protection is enabled |
| custom | Boolean | Whether precise protection is enabled |
| whiteblackip | Boolean | Whether blacklist and whitelist protection is enabled |
| ignore | Boolean | Whether false alarm masking is enabled |
| privacy | Boolean | Whether data masking is enabled |
| antitamper | Boolean | Whether web tamper protection is enabled |
| Parameter | Type | Description |
|---|---|---|
| id | String | Domain name ID |
| hostname | String | Domain name |
| waf_type | String | WAF edition for the domain name. The options are cloud and premium. |
| mode | String | (Dedicated mode only) Special domain name mode |
Status code: 400
| Parameter | Type | Description |
|---|---|---|
| error_code | String | Error code |
| error_msg | String | Error code message |
Status code: 401
| Parameter | Type | Description |
|---|---|---|
| error_code | String | Error code |
| error_msg | String | Error code message |
Status code: 500
| Parameter | Type | Description |
|---|---|---|
| error_code | String | Error code |
| error_msg | String | Error code message |
Example Requests
None
Example Responses
None
Status Codes
| Status Code | Description |
|---|---|
| 200 | OK |
| 400 | Request failed |
| 401 | Insufficient token permissions |
| 500 | Internal server error |
Error Codes
See Error Codes.
Last Article: Updating the Domain Name of a Protection Policy
Next Article: Deleting a Policy
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.