This API is used to update a protection policy.

PUT /v1/edgesec/configuration/http/policies/{policy_id}

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
policy_id	Yes	String	Policy ID.

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	auth token

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
name	No	String	Protection policy name.
action	No	HttpPolicyAction object	Operation.
options	No	HttpPolicyOption object	Option.
level	No	Integer	Protection level.
full_detection	No	Boolean	Detection mode in the precise protection rule.
robot_action	No	HttpPolicyAction object	Operation.
third_bot_options	No	HttpThirdBotOptions object	Third-party BOT operation.
extend	No	Map<String,String>	Extended field.

**Table 4** HttpPolicyOption
Parameter	Mandatory	Type	Description
webattack	No	Boolean	Whether basic web protection is enabled.
common	No	Boolean	Whether general check is enabled.
bot_enable	No	Boolean	Whether full anti-crawler protection is enabled.
crawler	No	Boolean	Whether anti-crawler protection with feature libraries is enabled.
crawler_engine	No	Boolean	Whether the search engine is enabled.
crawler_scanner	No	Boolean	Whether the scanner is enabled.
crawler_script	No	Boolean	Whether the JavaScript anti-crawler is enabled.
crawler_other	No	Boolean	Whether other crawler check is enabled.
webshell	No	Boolean	Whether web shell detection is enabled
cc	No	Boolean	Whether the CC attack protection rule is enabled.
custom	No	Boolean	Whether precise protection is enabled.
followed_action	No	Boolean	Whether known attack source detection is enabled.
whiteblackip	No	Boolean	Whether blacklist and whitelist protection is enabled.
geoip	No	Boolean	Whether the geolocation rule is enabled.
ignore	No	Boolean	Whether false alarm masking is enabled.
privacy	No	Boolean	Whether data masking is enabled.
antitamper	No	Boolean	Whether the web tamper protection is enabled.
antileakage	No	Boolean	Whether the information leakage prevention is enabled.
anticrawler	No	Boolean	Whether the JavaScript anti-crawler rule is enabled.
third_bot_river	No	Boolean	Whether the third-party BOT is enabled

**Table 5** HttpPolicyAction
Parameter	Mandatory	Type	Description
category	No	String	Protection level.
followed_action_id	No	String	Attack penalty rule ID.

**Table 6** HttpThirdBotOptions
Parameter	Mandatory	Type	Description
river_config	No	HttpRiverConfig object	River Security configuration items

**Table 7** HttpRiverConfig
Parameter	Mandatory	Type	Description
site_id	No	String	River Security site ID.
site_name	No	String	River Security site name.
connect_timeout	No	Integer	Connection timeout (ms).
read_timeout	No	Integer	Read timeout (ms).
send_timeout	No	Integer	Write timeout (ms).

Status code: 200

**Table 8** Response body parameters
Parameter	Type	Description
id	String	Policy ID.
name	String	Protection policy name.
level	Integer	Protection level.
full_detection	Boolean	Detection mode in the precise protection rule.
action	HttpPolicyAction object	Operation.
robot_action	HttpPolicyAction object	Operation.
options	HttpPolicyOption object	Option.
bind_host	Array of HttpPolicyBindHost objects	Basic information about the protected domain.
extend	Map<String,String>	Extended field.
third_bot_options	Map<String,third_bot_options>	Third-party BOT operation.
wap_managed_ruleset_id	String	ID of the hosting rule set for basic web protection.

**Table 9** HttpPolicyAction
Parameter	Type	Description
category	String	Protection level.
followed_action_id	String	Attack penalty rule ID.

**Table 10** HttpPolicyOption
Parameter	Type	Description
webattack	Boolean	Whether basic web protection is enabled.
common	Boolean	Whether general check is enabled.
bot_enable	Boolean	Whether full anti-crawler protection is enabled.
crawler	Boolean	Whether anti-crawler protection with feature libraries is enabled.
crawler_engine	Boolean	Whether the search engine is enabled.
crawler_scanner	Boolean	Whether the scanner is enabled.
crawler_script	Boolean	Whether the JavaScript anti-crawler is enabled.
crawler_other	Boolean	Whether other crawler check is enabled.
webshell	Boolean	Whether web shell detection is enabled
cc	Boolean	Whether the CC attack protection rule is enabled.
custom	Boolean	Whether precise protection is enabled.
followed_action	Boolean	Whether known attack source detection is enabled.
whiteblackip	Boolean	Whether blacklist and whitelist protection is enabled.
geoip	Boolean	Whether the geolocation rule is enabled.
ignore	Boolean	Whether false alarm masking is enabled.
privacy	Boolean	Whether data masking is enabled.
antitamper	Boolean	Whether the web tamper protection is enabled.
antileakage	Boolean	Whether the information leakage prevention is enabled.
anticrawler	Boolean	Whether the JavaScript anti-crawler rule is enabled.
third_bot_river	Boolean	Whether the third-party BOT is enabled

**Table 11** HttpPolicyBindHost
Parameter	Type	Description
id	String	Domain name ID.
hostname	String	Domain name.

Status code: 400

**Table 12** Response body parameters
Parameter	Type	Description
error_code	String	Standard error code: service name.8-digit code
error_msg	String	Detailed error information.
encoded_authorization_message	String	If the service is integrated with IAM5.0, an IAM response must be returned when access is denied.

Status code: 401

**Table 13** Response body parameters
Parameter	Type	Description
error_code	String	Standard error code: service name.8-digit code
error_msg	String	Detailed error information.
encoded_authorization_message	String	If the service is integrated with IAM5.0, an IAM response must be returned when access is denied.

Status code: 500

**Table 14** Response body parameters
Parameter	Type	Description
error_code	String	Standard error code: service name.8-digit code
error_msg	String	Detailed error information.
encoded_authorization_message	String	If the service is integrated with IAM5.0, an IAM response must be returned when access is denied.