Updated on 2022-08-09 GMT+08:00

Updating a Protection Policy

Function

This API is used to update a protection policy. The request body can contain only the part that needs to be updated.

URI

PATCH /v1/{project_id}/waf/policy/{policy_id}

Table 1 Path parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID

policy_id

Yes

String

Policy ID. It can be obtained by calling the API for querying the policy list.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

Content-Type

Yes

String

Content type

Default: application/json;charset=utf8

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

name

No

String

Policy name

action

No

PolicyAction object

Operation

options

No

PolicyOption object

Option

Table 4 PolicyAction

Parameter

Mandatory

Type

Description

category

No

String

Protection level. The options are log and block.

Table 5 PolicyOption

Parameter

Mandatory

Type

Description

webattack

No

Boolean

Whether basic web protection is enabled

common

No

Boolean

Whether general check is enabled

crawler

No

Boolean

Whether anti-crawler is enabled

crawler_engine

No

Boolean

Whether the search engine check is enabled

crawler_scanner

No

Boolean

Whether anti-crawler is enabled

crawler_script

No

Boolean

Whether JavaScript-based anti-crawler is enabled

crawler_other

No

Boolean

Whether the other check item of anti-crawler is enabled

webshell

No

Boolean

Whether web shell check is enabled

cc

No

Boolean

Whether the CC attack protection is enabled

custom

No

Boolean

Whether precise protection is enabled

whiteblackip

No

Boolean

Whether blacklist and whitelist protection is enabled

ignore

No

Boolean

Whether false alarm masking is enabled

privacy

No

Boolean

Whether data masking is enabled

antitamper

No

Boolean

Whether web tamper protection is enabled

Response Parameters

Status code: 200

Table 6 Response body parameters

Parameter

Type

Description

id

String

Policy ID

name

String

Policy name

action

PolicyAction object

Operation

options

PolicyOption object

Option

level

Integer

Protection level

full_detection

Boolean

Detection mode in a precise protection rule

bind_host

Array of BindHost objects

Basic information about the protected domain name

timestamp

Long

Time the policy was created

extend

Map<String,String>

Extended field

Table 7 PolicyAction

Parameter

Type

Description

category

String

Protection level. The options are log and block.

Table 8 PolicyOption

Parameter

Type

Description

webattack

Boolean

Whether basic web protection is enabled

common

Boolean

Whether general check is enabled

crawler

Boolean

Whether anti-crawler is enabled

crawler_engine

Boolean

Whether the search engine check is enabled

crawler_scanner

Boolean

Whether anti-crawler is enabled

crawler_script

Boolean

Whether JavaScript-based anti-crawler is enabled

crawler_other

Boolean

Whether the other check item of anti-crawler is enabled

webshell

Boolean

Whether web shell check is enabled

cc

Boolean

Whether the CC attack protection is enabled

custom

Boolean

Whether precise protection is enabled

whiteblackip

Boolean

Whether blacklist and whitelist protection is enabled

ignore

Boolean

Whether false alarm masking is enabled

privacy

Boolean

Whether data masking is enabled

antitamper

Boolean

Whether web tamper protection is enabled

Table 9 BindHost

Parameter

Type

Description

id

String

Domain name ID

hostname

String

Domain name

waf_type

String

WAF edition for the domain name. The options are cloud and premium.

mode

String

(Dedicated mode only) Special domain name mode

Status code: 400

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Error code

error_msg

String

Error code message

Status code: 401

Table 11 Response body parameters

Parameter

Type

Description

error_code

String

Error code

error_msg

String

Error code message

Status code: 500

Table 12 Response body parameters

Parameter

Type

Description

error_code

String

Error code

error_msg

String

Error code message

Example Requests

None

Example Responses

None

Status Codes

Status Code

Description

200

OK

400

Request failed

401

Insufficient token permissions

500

Internal server error

Error Codes

See Error Codes.