Updated on 2022-02-22 GMT+08:00

Querying Precise Protection Rules

Function Description

This API is used to query all precise protection rules in a policy.

URI

  • URI format

    GET /v1/{project_id}/waf/policy/{policy_id}/custom?offset={offset}&limit={limit}

  • Parameter description
    Table 1 Path parameters

    Parameter

    Mandatory

    Type

    Description

    project_id

    Yes

    String

    Specifies the project ID.

    policy_id

    Yes

    String

    Specifies the policy ID.

    offset

    No

    Long

    Specifies the number of returned pages. Its value ranges from 0 to 65535. The default value is 0.

    limit

    No

    Long

    Specifies the maximum number of records displayed on each page. Its value ranges from 0 to 50. The default value is 10.

Request

Request parameters

None

Response

Response parameters
Table 2 Parameter description

Parameter

Type

Description

total

Integer

Specifies the total number of precise protection rules in a policy.

items

Table 3

Specifies the precise protection rule objects.

Table 3 items

Parameter

Type

Description

id

String

Specifies the ID of a precise protection rule.

policy_id

String

Specifies the policy ID.

name

String

Specifies the rule name.

conditions

Table 4

Specifies the condition parameters. If there are multiple conditions, the conditions must be met at the same time.

action

Table 5

Specifies the protective action after the precise protection rule is matched.

time

Boolean

Specifies the effect time of the precise protection rule.

  • false: The rule takes effect immediately.
  • true: The rule takes effect at the scheduled time.

start

Long

Specifies the time when the precise protection rule takes effect. This parameter is returned only when time is true.

end

Long

Specifies the time when the precise protection rule expires. This parameter is returned only when time is true.

priority

Integer

Specifies the priority of a rule being executed. Smaller values correspond to higher priorities. If two rules are assigned with the same priority, the rule added earlier has higher priority. The value ranges from 0 to 65535.

timestamp

Long

Specifies the time when a precise protection rule is added.

Table 4 conditions

Parameter

Type

Description

category

String

Specifies the condition type. The value can be path, user-agent, ip, params, cookie, referer, or header.

index

String

  • If category is set to cookie, index indicates cookie name.
  • If category is set to params, index indicates param name.
  • If category is set to header, index indicates an option in the header.

logic

String

contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix indicate Include, Exclude, Equal to, Not equal to, Prefix is, Prefix is not, Suffix is, and Suffix is not respectively.

If category is set to ip, logic can only be equal or not_equal.

contents

List

Specifies content matching the condition.

Table 5 action

Parameter

Type

Description

category

String

Specifies the protective action.

  • block: block.
  • pass: allow.

Example

total with a value of 2 is used as an example.

Response example
{
  "total": 2,
  "items": [{
      "id": "7374ad99c6c448e9a9ca35cb46660a39",
      "policy_id": "9tre832yf96784ec8abd8ba61a98064ef",
      "name": "rule1",
      "time": true,
      "start": 1499817600,
      "end": 1567817600,
      "conditions": [{
          "category": "path",
          "contents": ["/login"],
          "logic": "containi"
        },{
          "category": "ip",
           "logic": "equal",
           "contents": ["X.X.1.1"]
        }
      ],
      "action": {
        "category": "block"
      },
     
     "priority": 1,
     "timestamp": 1499817600
    }, {
      "id": "7374ad99c6c448e9a9ca35cb46660a39",
      "policy_id": "9tre832yf96784ec8abd8ba61a98064ef",
      "name": "rule2",
      "time": false,
      "conditions": [{
          "category": "path",
          "contents": ["/login"],
          "logic": "contain"
        },{
          "category": "ip",
           "logic": "equal",
           "contents": ["X.X.1.1"]
        }
      ],
      "action": {
        "category": "block"
      },
     
     "priority": 1,
     "timestamp": 1499817600
    }
  ]
}

Status Code

Table 6 describes the normal status code returned by the API.
Table 6 Status code

Status Code

Description

Meaning

200

OK

The request has succeeded.

For details about error status codes, see Status Codes.