Creating a Precise Protection Rule

Function

This API is used to create a precise protection rule.

URI

POST /v1/{project_id}/waf/policy/{policy_id}/custom

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID
policy_id	Yes	String	Protection policy ID. You can call the ListPolicy API to obtain the policy ID.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	auth token
Content-Type	Yes	String	Content type Default: application/json;charset=utf8

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
name	No	String	Name of the custom rule
time	No	Boolean	Time the precise protection rule takes effect. false: The rule takes effect immediately. true: The effective time is customized.
start	No	Long	Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true.
terminal	No	Long	Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.
conditions	No	Array of CustomConditions objects	Match condition List
action	No	CustomAction object	Protective action of the precise protection rule
priority	No	Integer	Priority of a rule. Smaller values correspond to higher priorities. If two rules are assigned with the same priority, the rule added earlier has higher priority. The value ranges from 0 to 1000.

**Table 4** CustomConditions
Parameter	Mandatory	Type	Description
category	No	String	The condition types can be path, user-agent, ip, params, cookie, referer, or header.
index	No	String	If category is set to cookie, index indicates cookie name. If category is set to params, index indicates param name. If category is set to header, index indicates an option in the header.
check_all_indexes_logic	No	Integer	Available values are 1 and 2. The value 1 indicates all subfields, and the value 2 indicates any subfields.
logic	No	Integer	contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix indicate Include, Exclude, Equal to, Not equal to, Prefix is, Prefix is not, Suffix is, and Suffix is not respectively. If category is set to ip, logic can only be equal or not_equal.
contents	No	Array of strings	Content of the match conditions
value_list_id	No	String	ID of the reference table

**Table 5** CustomAction
Parameter	Mandatory	Type	Description
category	No	String	Action type. block: WAF blocks attacks. pass: WAF allows requests.

Response Parameters

Status code: 200

**Table 6** Response body parameters
Parameter	Type	Description
id	String	ID of a precise protection rule.
policyid	String	ID of the policy to which the rule belongs.
conditions	Array of conditions objects	List of matching conditions. All conditions must be met.
action	action object	Protective action of the precise protection rule
priority	Integer	Priority of a rule. Smaller values correspond to higher priorities. If two rules are assigned with the same priority, the rule added earlier has higher priority. The value ranges from 0 to 1000.
timestamp	Long	Timestamp when the precise protection rule is created.
start	Long	Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true.
terminal	Long	Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.

**Table 7** conditions
Parameter	Type	Description
category	String	Condition type. Its option can be path, user-agent, ip, params, cookie, referer, or header.
index	String	If category is set to cookie, index indicates cookie name. If category is set to params, index indicates param name. If category is set to header, index indicates an option in the header.
check_all_indexes_logic	Integer	Available values are 1 and 2. The value 1 indicates all subfields, and the value 2 indicates any subfields.
logic	Integer	contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix indicate Include, Exclude, Equal to, Not equal to, Prefix is, Prefix is not, Suffix is, and Suffix is not respectively. If category is set to ip, logic can only be equal or not_equal.
contents	Array of strings	Content of the match conditions

**Table 8** action
Parameter	Type	Description
category	String	Action type. block: WAF blocks attacks. pass: WAF allows requests.

Status code: 400

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error Code
error_msg	String	Error Messages

Status code: 401

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error Code
error_msg	String	Error Messages

Status code: 500

**Table 11** Response body parameters
Parameter	Type	Description
error_code	String	Error Code
error_msg	String	Error Messages

Example Requests

POST https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom?enterprise_project_id=0

{
  "description" : "",
  "action" : {
    "category" : "block"
  },
  "priority" : 50,
  "conditions" : [ {
    "category" : "header",
    "logic_operation" : "exist",
    "index" : "sdfsafsda"
  } ],
  "time" : false
}

Example Responses

Status code: 200

{
  "items" : [ {
    "action" : {
      "category" : "block"
    },
    "action_mode" : false,
    "aging_time" : 0,
    "conditions" : [ {
      "category" : "header",
      "index" : "sdfsafsda",
      "logic_operation" : "exist"
    } ],
    "description" : "",
    "id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
    "policyid" : "1f016cde588646aca3fb19f277c44d03",
    "priority" : 50,
    "producer" : 1,
    "status" : 1,
    "time" : false,
    "timestamp" : 1656495488880
  } ]
}