Creating a Policy

Function

This API is used for creating a protection policy.

URI

POST /v1/{project_id}/waf/policy

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
enterprise_project_id	No	String	ID of the enterprise project. It can be obtained by calling the ListEnterpriseProject API of EPS.

Request Parameters

**Table 3** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).
Content-Type	Yes	String	Content type Default: application/json;charset=utf8

**Table 4** Request body parameters
Parameter	Mandatory	Type	Description
name	Yes	String	Policy name

Response Parameters

Status code: 200

**Table 5** Response body parameters
Parameter	Type	Description
id	String	Policy ID
name	String	Policy name
action	PolicyAction object	This API is used to set policy actions.
options	PolicyOption object	This API is used to set policy options.
level	Integer	Protection level 1: WAF detects wget, cURL, and more but does not detect XSS and command injection attacks in the header, so you may miss more vulnerabilities that in fact exist. If you find out that configured protection rules are affecting your services, adjust the protection level to 1. 2: WAF detects remote file inclusion, third-party software vulnerabilities, webshell, and cp and ftp commands. This is the default value. 3: If you need a stricter protection level, set this parameter to 3. This may increase the false positive rate but decrease the false negative rate, such as nc, nmap, and kill.
full_detection	Boolean	Detection mode in the precise protection rule true: full detection. WAF blocks all requests that hit the configured precise protection rule when it finishes all threat detections. false: instant detection. WAF immediately ends threat detection and blocks the request that hits the configured precise protection rule.
bind_host	Array of BindHost objects	Basic information about the protected domain
timestamp	Integer	Time a policy is created
extend	Map<String,String>	Extended field

**Table 6** PolicyAction
Parameter	Type	Description
category	String	Protection categories. Available values include: log: WAF only logs detected attacks. block: WAF blocks attacks. Enumeration values: block log

**Table 7** PolicyOption
Parameter	Type	Description
webattack	Boolean	Whether basic web protection is enabled Enumeration values: true false
common	Boolean	Whether general check is enabled Enumeration values: true false
crawler	Boolean	Whether anti-crawler protection is enabled Enumeration values: true false
crawler_engine	Boolean	Whether the search engine is enabled Enumeration values: true false
crawler_scanner	Boolean	Whether the anti-crawler detection is enabled Enumeration values: true false
crawler_script	Boolean	Whether the JavaScript anti-crawler is enabled Enumeration values: true false
crawler_other	Boolean	Whether other crawler check is enabled Enumeration values: true false
webshell	Boolean	Whether webshell detection is enabled Enumeration values: true false
cc	Boolean	Whether the CC attack protection rules are enabled Enumeration values: true false
custom	Boolean	Whether precise protection is enabled Enumeration values: true false
whiteblackip	Boolean	Whether blacklist and whitelist protection is enabled Enumeration values: true false
geoip	Boolean	Whether geolocation access control is enabled Enumeration values: true false
ignore	Boolean	Whether false alarm masking is enabled Enumeration values: true false
privacy	Boolean	Whether data masking is enabled Enumeration values: true false
antitamper	Boolean	Whether the web tamper protection is enabled Enumeration values: true false
antileakage	Boolean	Whether the information leakage prevention is enabled Enumeration values: true false
bot_enable	Boolean	Whether bot mitigation is enabled Enumeration values: true false

**Table 8** BindHost
Parameter	Type	Description
id	String	Domain ID
hostname	String	Protected domain name
waf_type	String	Domain name mode: cloud (cloud mode)/premium (dedicated mode)
mode	String	This parameter is required only by the dedicated mode.

Status code: 400

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error Code
error_msg	String	Error Messages

Status code: 401

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error Code
error_msg	String	Error Messages

Status code: 403

**Table 11** Response body parameters
Parameter	Type	Description
error_code	String	Error Code
error_msg	String	Error Messages

Status code: 500

**Table 12** Response body parameters
Parameter	Type	Description
error_code	String	Error Code
error_msg	String	Error Messages

Example Requests

POST https://{Endpoint}/v1/{project_id}/waf/policy?enterprise_project_id=0

{
  "name" : "demo"
}

Example Responses

Status code: 200

{
  "id" : "38ff0cb9a10e4d5293c642bc0350fa6d",
  "name" : "demo",
  "level" : 2,
  "action" : {
    "category" : "log"
  },
  "options" : {
    "webattack" : true,
    "common" : true,
    "crawler" : true,
    "crawler_engine" : false,
    "crawler_scanner" : true,
    "crawler_script" : false,
    "crawler_other" : false,
    "webshell" : false,
    "cc" : true,
    "custom" : true,
    "precise" : false,
    "whiteblackip" : true,
    "geoip" : true,
    "ignore" : true,
    "privacy" : true,
    "antitamper" : true,
    "anticrawler" : false,
    "antileakage" : false,
    "followed_action" : false,
    "bot_enable" : true
  },
  "hosts" : [ ],
  "extend" : { },
  "timestamp" : 1650529538732,
  "full_detection" : false,
  "bind_host" : [ ]
}