This API is used to create a precise protection rule.
Function
This API is used to create a precise protection rule.
URI
POST /v1/edgesec/configuration/http/policies/{policy_id}/access-control-rule
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
policy_id |
Yes |
String |
Policy ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
auth token |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
name |
Yes |
String |
Rule name |
|
description |
No |
String |
Rule description, which contains a maximum of 512 characters. |
|
time |
Yes |
Boolean |
Time when the precise protection rule takes effect.
|
|
start |
No |
Long |
Timestamp (s) when the precise protection rule takes effect. This parameter needs to be set only when time is set to true. |
|
terminal |
No |
Long |
Timestamp (s) when the precise protection rule expires. This parameter needs to be set only when time is set to true. |
|
priority |
Yes |
Integer |
Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority, the rule added earlier has higher priority. Value range: 0 to 1000. |
|
conditions |
Yes |
Array of HttpAccessControlRuleCondition objects |
Hit condition. |
|
action |
Yes |
HttpRuleAction object |
Action of the protection rule. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
category |
No |
String |
Field type. The options are url, custom_asn, custom_geoip, robot, user-agent, ip, params, cookie, referer, header, method, request_line, request, response_code, response_length, response_time, response_header and response_body. |
|
index |
No |
String |
Subfield:
|
|
contents |
No |
Array of strings |
Content list |
|
logic_operation |
No |
String |
Processing logic |
|
value_list_id |
No |
String |
ID of the reference table |
|
size |
No |
Long |
This field is used if the protection rule involves a threshold. |
|
check_all_indexes_logic |
No |
Integer |
|
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
category |
Yes |
String |
Operation type,
|
|
followed_action_id |
No |
String |
Attack punishment rule ID. This parameter is available only when category is set to block. |
|
detail |
No |
HttpRuleActionDetail object |
Action of the protection rule. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
redirect_url |
No |
String |
URL to which the page is redirected. |
|
response |
No |
HttpRuleActionResponse object |
Return page of the protection rule |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
id |
String |
Rule ID. |
|
name |
String |
Rule name. |
|
policy_id |
String |
ID of the policy to which the rule belongs. |
|
policy_name |
String |
Name of the policy to which the rule belongs. |
|
timestamp |
Long |
Time when a rule is created |
|
description |
String |
Rule description. |
|
status |
Integer |
Rule enabling status |
|
time |
Boolean |
Whether to set the effective time |
|
start |
Long |
Effective time |
|
terminal |
Long |
Expiration time |
|
priority |
Integer |
Priority |
|
conditions |
Array of HttpAccessControlRuleCondition objects |
Hit condition. |
|
action |
HttpRuleAction object |
Action of the protection rule. |
|
producer |
Integer |
Source |
|
Parameter |
Type |
Description |
|---|---|---|
|
category |
String |
Field type. The options are url, custom_asn, custom_geoip, robot, user-agent, ip, params, cookie, referer, header, method, request_line, request, response_code, response_length, response_time, response_header and response_body. |
|
index |
String |
Subfield:
|
|
contents |
Array of strings |
Content list |
|
logic_operation |
String |
Processing logic |
|
value_list_id |
String |
ID of the reference table |
|
size |
Long |
This field is used if the protection rule involves a threshold. |
|
check_all_indexes_logic |
Integer |
|
|
Parameter |
Type |
Description |
|---|---|---|
|
category |
String |
Operation type,
|
|
followed_action_id |
String |
Attack punishment rule ID. This parameter is available only when category is set to block. |
|
detail |
HttpRuleActionDetail object |
Action of the protection rule. |
|
Parameter |
Type |
Description |
|---|---|---|
|
redirect_url |
String |
URL to which the page is redirected. |
|
response |
HttpRuleActionResponse object |
Return page of the protection rule |
|
Parameter |
Type |
Description |
|---|---|---|
|
content_type |
String |
Content type. |
|
content |
String |
Content |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Standard error code: service name.8-digit code |
|
error_msg |
String |
Detailed error information. |
|
encoded_authorization_message |
String |
If the service is integrated with IAM5.0, an IAM response must be returned when access is denied. |
Status code: 401
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Standard error code: service name.8-digit code |
|
error_msg |
String |
Detailed error information. |
|
encoded_authorization_message |
String |
If the service is integrated with IAM5.0, an IAM response must be returned when access is denied. |
Status code: 500
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Standard error code: service name.8-digit code |
|
error_msg |
String |
Detailed error information. |
|
encoded_authorization_message |
String |
If the service is integrated with IAM5.0, an IAM response must be returned when access is denied. |
Example Requests
None
Example Responses
None
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
OK |
|
400 |
Request failed. |
|
401 |
The token does not have required permissions. |
|
500 |
Internal server error. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
