Help Center/ Web Application Firewall/ API Reference/ APIs/ Managing Rules/ Adding a Web Tamper Protection Rule to Multiple Policies At Once
Updated on 2026-05-12 GMT+08:00
Online Debugging
CLI Examples
View PDF
Share

Adding a Web Tamper Protection Rule to Multiple Policies At Once

Function

This API is used to add a web tamper protection rule to multiple policies at once.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/waf/rule/antitamper

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition

Project ID. To obtain it, log in to the Huawei Cloud console, click the username, choose My Credentials, and find the project ID in the Projects list.

Constraints

N/A

Range

The value contains 32 characters. Only letters and digits are supported.

Default Value

N/A
Table 2 Query Parameters

Parameter

Mandatory

Type

Description

policyids

No

Array of strings

Definition

Protection policy ID list. You can call the ListPolicy API to obtain the policy IDs.

Constraints

N/A

Range

N/A

Default Value

N/A

enterprise_project_id

No

String

Definition

Obtain the enterprise project ID by calling the ListEnterpriseProject API of Enterprise Project Management Service (EPS). To obtain the resource details in all enterprise projects of a user, set this parameter to all_granted_eps.

Constraints

N/A

Range

  • 0: the default enterprise project.

  • all_granted_eps: all enterprise projects.

  • A specific enterprise project ID: Enter a maximum of 36 characters.

Default Value

0

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

No

String

Definition

User token. You can obtain it by calling the IAM API for obtaining a user token. The user token is the value of X-Subject-Token in the response header.

Constraints

N/A

Range

N/A

Default Value

N/A

Content-Type

Yes

String

Definition

Content type.

Constraints

N/A

Range

N/A

Default Value

application/json;charset=utf8
Table 4 Request body parameters

Parameter

Mandatory

Type

Description

hostname

Yes

String

Protected websites. You can query the list of websites protected with cloud-mode WAF by calling the ListHost API. The value of the hostname field in the response body is the protected website list.

url

Yes

String

URL protected by the web tamper protection rule. The value must be in the standard URL format, for example, /admin/xxx or /admin/*. The characters * in the end indicate the path prefix.

description

No

String

Rule description.

policy_ids

Yes

Array of strings

IDs of policies to which rules are added. Obtain the policy ID by calling the ListPolicy API. Policies are separated by commas (,).

Response Parameters

Status code: 200

Table 5 Response body parameters

Parameter

Type

Description

id

String

Rule ID

policyid

String

Policy ID

hostname

String

Domain name protected by the web tamper protection rule

url

String

URL for the web tamper protection rule

description

String

Timestamp the rule was created.

status

Integer

Definition

Rule status, which is used to specify whether a rule is enabled or disabled.

Constraints

N/A

Range

  • 0: disabled

  • 1: enabled

Default Value

N/A

Status code: 400

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs.

details

Array of IAM5ErrorDetails objects

The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs.
Table 7 IAM5ErrorDetails

Parameter

Type

Description

error_code

String

Error codes of the downstream service.

error_msg

String

Error messages of the downstream service.

Status code: 401

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs.

details

Array of IAM5ErrorDetails objects

The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs.
Table 9 IAM5ErrorDetails

Parameter

Type

Description

error_code

String

Error codes of the downstream service.

error_msg

String

Error messages of the downstream service.

Status code: 500

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs.

details

Array of IAM5ErrorDetails objects

The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs.
Table 11 IAM5ErrorDetails

Parameter

Type

Description

error_code

String

Error codes of the downstream service.

error_msg

String

Error messages of the downstream service.

Example Requests

Select multiple policies and add a web tamper protection rule to them all at once.

POST https://{endpoint}/v1/{project_id}/waf/rule/antitamper?enterprise_project_id=0

{
  "hostname" : "www.test.com",
  "url" : "/test",
  "description" : "SDK test.",
  "policy_ids" : [ "policy_id" ]
}

Example Responses

Status code: 200

Definition

OK

Constraints

N/A

Range

N/A

Default Value

N/A

{
  "hostname" : "www.test.com",
  "url" : "/test",
  "description" : "SDK test.",
  "policyid" : "policy_id",
  "id" : "id"
}

SDK Sample Code

The SDK sample code is as follows.

Select multiple policies and add a web tamper protection rule to them all at once.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
 
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.waf.v1.region.WafRegion;
import com.huaweicloud.sdk.waf.v1.*;
import com.huaweicloud.sdk.waf.v1.model.*;

import java.util.List;
import java.util.ArrayList;

public class BatchCreateAntiTamperRuleSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        WafClient client = WafClient.newBuilder()
                .withCredential(auth)
                .withRegion(WafRegion.valueOf("<YOUR REGION>"))
                .build();
        BatchCreateAntiTamperRuleRequest request = new BatchCreateAntiTamperRuleRequest();
        BatchCreateAntiTamperRulesRequestBody body = new BatchCreateAntiTamperRulesRequestBody();
        List<String> listbodyPolicyIds = new ArrayList<>();
        listbodyPolicyIds.add("policy_id");
        body.withPolicyIds(listbodyPolicyIds);
        body.withDescription("SDK test.");
        body.withUrl("/test");
        body.withHostname("www.test.com");
        request.withBody(body);
        try {
            BatchCreateAntiTamperRuleResponse response = client.batchCreateAntiTamperRule(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Select multiple policies and add a web tamper protection rule to them all at once.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkwaf.v1.region.waf_region import WafRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkwaf.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = WafClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(WafRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = BatchCreateAntiTamperRuleRequest()
        listPolicyIdsbody = [
            "policy_id"
        ]
        request.body = BatchCreateAntiTamperRulesRequestBody(
            policy_ids=listPolicyIdsbody,
            description="SDK test.",
            url="/test",
            hostname="www.test.com"
        )
        response = client.batch_create_anti_tamper_rule(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Select multiple policies and add a web tamper protection rule to them all at once.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    waf "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth, err := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        SafeBuild()

    if err != nil {
        fmt.Println(err)
        return
    }

    hcClient, err := waf.WafClientBuilder().
         WithRegion(region.ValueOf("<YOUR REGION>")).
         WithCredential(auth).
         SafeBuild()


    if err != nil {
        fmt.Println(err)
        return
    }

    client := waf.NewWafClient(hcClient)

    request := &model.BatchCreateAntiTamperRuleRequest{}
	var listPolicyIdsbody = []string{
        "policy_id",
    }
	descriptionBatchCreateAntiTamperRulesRequestBody:= "SDK test."
	request.Body = &model.BatchCreateAntiTamperRulesRequestBody{
		PolicyIds: listPolicyIdsbody,
		Description: &descriptionBatchCreateAntiTamperRulesRequestBody,
		Url: "/test",
		Hostname: "www.test.com",
	}
	response, err := client.BatchCreateAntiTamperRule(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

Definition

OK

Constraints

N/A

Range

N/A

Default Value

N/A

400

Definition

Request failed.

Constraints

N/A

Range

N/A

Default Value

N/A

401

Definition

The token does not have required permissions.

Constraints

N/A

Range

N/A

Default Value

N/A

500

Definition

Internal server error.

Constraints

N/A

Range

N/A

Default Value

N/A

Error Codes

See Error Codes.

Parent Topic: Managing Rules