Creating a Protection Policy
Function
A protection policy you create contains default configuration items. To modify these configuration items, you need to call this API to update the protection policy.
URI
POST /v1/{project_id}/waf/policy
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Project ID. To obtain its value, log in to the Huawei Cloud console, click the username, choose My Credentials, and find the project ID in the Projects list. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
enterprise_project_id |
No |
String |
Obtain the enterprise project ID by calling the ListEnterpriseProject API of Enterprise Project Management Service (EPS). |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header). |
Content-Type |
Yes |
String |
Content type. Default: application/json;charset=utf8 |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
name |
Yes |
String |
Policy name (The policy name can contain only digits, letters, and underscores (_) and cannot exceed 64 characters.) |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
id |
String |
Policy ID |
name |
String |
Policy name |
level |
Integer |
Basic web protection level:
Default: 2 Enumeration values:
|
full_detection |
Boolean |
Detection mode in the precise protection rule.
|
robot_action |
Action object |
Action taken for anti-crawler protection with feature libraries |
action |
PolicyAction object |
Action |
options |
PolicyOption object |
Whether to enable the protection policy detection module, for example, whether to enable basic web protection. |
modulex_options |
Map<String,Object> |
Configurations of intelligent access control protection items. Currently, this feature is still in the open beta test (OBT) phase and available only in certain sites. |
hosts |
Array of strings |
ID array of protected domain names bound to a protection policy. |
bind_host |
Array of BindHost objects |
Array of protected domain names bound to a protection policy. It contains more detailed domain name information than the hosts field. |
extend |
Map<String,String> |
Extended field, which is used to store the switch configuration of basic web protection. |
timestamp |
Long |
Time a policy was created. |
Parameter |
Type |
Description |
---|---|---|
category |
String |
Action to be taken in anti-crawler protection with feature libraries:
|
Parameter |
Type |
Description |
---|---|---|
category |
String |
Basic web protection action (log: record only; block: block) Enumeration values:
|
Parameter |
Type |
Description |
---|---|---|
webattack |
Boolean |
Whether basic web protection is enabled. Enumeration values:
|
common |
Boolean |
Whether general check is enabled. Enumeration values:
|
crawler |
Boolean |
Reserved parameter. Its value is always true. You can ignore this parameter. Enumeration values:
|
crawler_engine |
Boolean |
Whether the search engine is enabled. Enumeration values:
|
crawler_scanner |
Boolean |
Whether the anti-crawler detection is enabled. Enumeration values:
|
crawler_script |
Boolean |
Whether the JavaScript anti-crawler is enabled. Enumeration values:
|
crawler_other |
Boolean |
Whether other crawler check is enabled. Enumeration values:
|
webshell |
Boolean |
Whether webshell detection is enabled. Enumeration values:
|
cc |
Boolean |
Whether the CC attack protection rules are enabled. Enumeration values:
|
custom |
Boolean |
Whether precise protection is enabled. Enumeration values:
|
whiteblackip |
Boolean |
Whether blacklist and whitelist protection is enabled. Enumeration values:
|
geoip |
Boolean |
Whether geolocation access control is enabled. Enumeration values:
|
ignore |
Boolean |
Whether false alarm masking is enabled. Enumeration values:
|
privacy |
Boolean |
Whether data masking is enabled. Enumeration values:
|
antitamper |
Boolean |
Whether the web tamper protection is enabled. Enumeration values:
|
antileakage |
Boolean |
Whether the information leakage prevention is enabled. Enumeration values:
|
bot_enable |
Boolean |
Whether the website anti-crawler function is enabled. Enumeration values:
|
modulex_enabled |
Boolean |
Whether CC attack protection for moduleX is enabled. This feature is in the open beta test (OBT). During the OBT, only the log only mode is supported. Enumeration values:
|
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 401
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 403
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 500
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Example Requests
Create a protection policy named demo in the project whose ID is project_id.
POST https://{Endpoint}/v1/{project_id}/waf/policy?enterprise_project_id=0 { "name" : "demo" }
Example Responses
Status code: 200
OK
{ "id" : "38ff0cb9a10e4d5293c642bc0350fa6d", "name" : "demo", "level" : 2, "action" : { "category" : "log" }, "options" : { "webattack" : true, "common" : true, "crawler" : true, "crawler_engine" : false, "crawler_scanner" : true, "crawler_script" : false, "crawler_other" : false, "webshell" : false, "cc" : true, "custom" : true, "whiteblackip" : true, "geoip" : true, "ignore" : true, "privacy" : true, "antitamper" : true, "antileakage" : false, "bot_enable" : true, "modulex_enabled" : false }, "hosts" : [ ], "extend" : { }, "timestamp" : 1650529538732, "full_detection" : false, "bind_host" : [ ] }
Status Codes
Status Code |
Description |
---|---|
200 |
OK |
400 |
Request failed. |
401 |
The token does not have required permissions. |
403 |
The resource quota is insufficient. |
500 |
Internal server error. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot