Updated on 2024-07-25 GMT+08:00

Querying Precise Protection Rules

Function

This API is used to query precise protection rules.

URI

GET /v1/{project_id}/waf/policy/{policy_id}/custom

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID

policy_id

Yes

String

Protection policy ID. You can call the ListPolicy API to obtain the policy ID.

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

page

No

Integer

Page number of the data to be returned in a query. The value range is 0 to 100000. The default value is 1, indicating that data on the first page is returned.

Default: 1

pagesize

No

Integer

Number of results on each page in query pagination. The value range is 1 to 100. The default value is 10, indicating that each page contains 10 results.

Default: 10

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

auth token

Content-Type

Yes

String

Content type

Default: application/json;charset=utf8

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

total

Integer

Total number of precise protection rules in a policy.

items

Array of objects

Objects of a precise protection rule.

Table 5 CustomRuleBody

Parameter

Type

Description

id

String

ID of a precise protection rule.

policyid

String

ID of the policy to which the rule belongs.

conditions

Array of conditions objects

List of rule conditions. All conditions must be met.

action

action object

Protective action of the precise protection rule.

priority

Integer

Priority of a rule. Smaller values correspond to higher priorities. If two rules are assigned with the same priority, the rule added earlier has higher priority. Value range: 0 to 1000.

timestamp

Long

Timestamp when the precise protection rule is created.

start

Long

Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true.

terminal

Long

Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.

Table 6 conditions

Parameter

Type

Description

category

String

Field type. The option can be path, user-agent, ip, params, cookie, referer, or header.

index

String

The parameter value varies depending on the value of category:

  • If category is set to cookie, index indicates cookie name.

  • If category is set to params, index indicates param name.

  • If category is set to header, index indicates an option in the header.

check_all_indexes_logic

Integer

check_all_indexes_logic is not required only when you use custom subfields or the field type is url or ip. Otherwise, the value can be:

  • 1: All subfields will be checked.

  • 2: A random subfield will be checked.

  • null: A custom subfield will be used.

logic_operation

Integer

Condition match logic. The value can be:

  • contain

  • not_contain

  • equal

  • not_equal

  • prefix

  • not_prefix

  • suffix

  • not_suffix If category is set to ip, logic_operation can be set to equal or not_equal only.

contents

Array of strings

Content of the conditions.

Table 7 action

Parameter

Type

Description

category

String

Action type.

  • block: WAF blocks attacks.

  • pass: WAF allows requests.

Status code: 400

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Status code: 401

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Status code: 500

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Example Requests

GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom?enterprise_project_id=0

Example Responses

Status code: 200

ok

{
  "items" : [ {
    "category" : "block",
    "action_mode" : false,
    "aging_time" : 0,
    "conditions" : [ {
      "category" : "header",
      "index" : "sdfsafsda",
      "logic_operation" : "exist"
    } ],
    "description" : "",
    "id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
    "policyid" : "1f016cde588646aca3fb19f277c44d03",
    "priority" : 50,
    "producer" : 1,
    "status" : 1,
    "time" : false,
    "timestamp" : 1656495488880
  } ],
  "total" : 1
}

Status Codes

Status Code

Description

200

ok

400

Request failed.

401

The token does not have required permissions.

500

Internal server error.

Error Codes

See Error Codes.