Querying a Precise Protection Rule

Function Description

This API is used to query details about a precise protection rule.

URI

URI format
GET /v1/{project_id}/waf/policy/{policy_id}/custom/{custom_rule_id}

Parameter description

**Table 1** Path parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Specifies the project ID.
policy_id	Yes	String	Specifies the policy ID.
custom_rule_id	Yes	String	Specifies the ID of a precise protection rule.

Request

Request parameters

None

Response

Response parameters

**Table 2** Parameter description
Parameter	Type	Description
id	String	Specifies the ID of a precise protection rule.
policy_id	String	Specifies the policy ID.
name	String	Specifies the rule name.
time	Boolean	Specifies the effect time of the precise protection rule. false: The rule takes effect immediately. true: The rule takes effect at the scheduled time.
start	Long	Specifies the time when the precise protection rule takes effect.
end	Long	Specifies the time when the precise protection rule expires.
conditions	Table 3	Specifies the condition parameters.
action	Table 4	Specifies the protective action after the precise protection rule is matched.
priority	Integer	Specifies the priority of a rule being executed. Smaller values correspond to higher priorities. If two rules are assigned with the same priority, the rule added earlier has higher priority. The value ranges from 0 to 65535.
timestamp	Long	Specifies the time when a precise protection rule is added.

**Table 3** **conditions**
Parameter	Type	Description
category	String	Specifies the condition type. The value can be path, user-agent, ip, params, cookie, referer, or header.
index	String	If category is set to cookie, index indicates cookie name. If category is set to params, index indicates param name. If category is set to header, index indicates an option in the header.
logic	String	contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix indicate Include, Exclude, Equal to, Not equal to, Prefix is, Prefix is not, Suffix is, and Suffix is not respectively. If category is set to ip, logic can only be equal or not_equal.
contents	List	Specifies content matching the condition.

**Table 4** **action**
Parameter	Type	Description
category	String	Specifies the protective action. block: block. pass: allow.

Example

Rule ID 7374ad99c6c448e9a9ca35cb46660a39 is used as an example.

Response example

{ 
      "id": "7374ad99c6c448e9a9ca35cb46660a39", 
      "policy_id": "9tre832yf96784ec8abd8ba61a98064ef", 
      "name": "rule1", 
      "time": true, 
      "start": 1499817600, 
      "end": 1567817600, 
      "conditions": [{ 
          "category ": "path", 
          "contents": ["/login"], 
          "logic": "contain"
        },{ 
          "category": "ip", 
          "logic": "equal", 
          "contents": ["X.X.1.1"]
        }, { 
          "category": "referer", 
          "logic": "prefix", 
          "contents": ["https://www.waf.com/xxx"]
        }, { 
          "category": "user-agent", 
          "logic": "contain", 
          "contents": ["Mozilla/5.0"]
        }, { 
          "category": "cookie",
		  "index": "SID",
          "logic": 3, 
          "contents": ["234SDFASR4R32412FSR325S"]
        }, { 
          "category": "header",
		  "index": "x-language",
          "logic": "equal", 
          "contents": ["en-us"]
        }, { 
          "category": "params",
		  "index": "name",
          "logic": "equal", 
          "contents": ["abc"]
        }
      ], 
      "action": { 
        "category": "block" 
      }, 
     "priority": 10, 
     "timestamp": 1499817600 
}