Help Center/ Web Application Firewall/ API Reference (Paris)/ APIs/ Dedicated Mode/ CC Attack Protection Rule Management/ Querying the CC Attack Protection Rule List
Updated on 2024-07-25 GMT+08:00
View PDF
Share

Querying the CC Attack Protection Rule List

Function

This API is used to query the CC attack protection rules.

URI

GET /v1/{project_id}/waf/policy/{policy_id}/cc

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID

policy_id

Yes

String

Protection policy ID. You can call the ListPolicy API to obtain the policy ID.
Table 2 Query Parameters

Parameter

Mandatory

Type

Description

page

No

Integer

Page number of the data to be returned in a query. The value range is 0 to 100000. The default value is 1, indicating that data on the first page is returned.

Default: 1

pagesize

No

Integer

Number of results on each page in query pagination. The value range is 1 to 100. The default value is 10, indicating that each page contains 10 results.

Default: 10

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

Content-Type

Yes

String

Content type

Default: application/json;charset=utf8

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

total

Integer

Total number of CC prevention rules in a policy

items

Array of CcrulesListInfo objects

Objects of a CC prevention rule
Table 5 CcrulesListInfo

Parameter

Type

Description

id

String

ID of a CC prevention rule

policyid

String

ID of the policy to which the rule belongs

url

String

URL to which the rule applies, excluding a domain name.

  • Prefix match: A path ending with * indicates that the path is used as a prefix. For example, to protect /admin/test.php or /adminabc, you can set Path to /admin*.

  • Exact match: The path to be entered must match the path to be protected. If the path to be protected is /admin, set url to /admin.

limit_num

String

Number of requests allowed from a web visitor in a rate limiting period

limit_period

String

Rate limiting period

lock_time

String

How long a web visitor will be locked The value range is [0 to 2^32), in seconds.

tag_type

String

Protection mode.

  • ip: A website visitor is identified by the IP address.

  • cookie: A website visitor is identified by the cookie key value.

  • other: A website visitor is identified by the Referer field (user-defined request source).

tag_index

String

Protection mode tag. When tag_type is set to cookie, this parameter indicates the cookie name.

action

action object

Action to take if the number of requests reaches the upper limit.

timestamp

Long

Rule creation timestamp
Table 6 action

Parameter

Type

Description

category

String

Action type

  • block: WAF blocks the requests.

  • captcha: Verification code. The user needs to enter the correct verification code after blocking to restore the correct access page.

  • If tag_type is set to other, the value can only be block.

detail

String

Action details. If detail is null, the default block page is displayed by default.

  • This parameter is not required if category is set to captcha.

  • This parameter is required if category is set to block.
Table 7 detail

Parameter

Type

Description

redirect_url

String

URL to which the page is redirected.

response

response object

Redirected page
Table 8 response

Parameter

Type

Description

content_type

String

Content type. The value can only be application/json, text/html, or text/xml.

content

String

Content

Status code: 400

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Status code: 401

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Status code: 500

Table 11 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Example Requests

GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/cc?enterprise_project_id=0

Example Responses

Status code: 200

ok

{
  "total" : 1,
  "items" : [ {
    "aging_time" : 0,
    "description" : "",
    "id" : "a5f3fd28db564696b199228f0ac346b2",
    "limit_num" : 10,
    "limit_period" : 60,
    "lock_time" : 0,
    "mode" : 0,
    "policyid" : "1f016cde588646aca3fb19f277c44d03",
    "prefix" : false,
    "producer" : 1,
    "status" : 1,
    "tag_type" : "ip",
    "timestamp" : 1656494435686,
    "total_num" : 0,
    "unaggregation" : false,
    "url" : "/path"
  } ]
}

Status Codes

Status Code

Description

200

ok

400

Request failed.

401

The token does not have required permissions.

500

Internal server error.

Error Codes

See Error Codes.