Creating a Protection Policy
Function
This API is used to create a protection policy.
URI
POST /v1/{project_id}/waf/policy
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
project_id |
Yes |
String |
Project ID |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
X-Auth-Token |
Yes |
String |
User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header). |
Content-Type |
Yes |
String |
Content type Default: application/json;charset=utf8 |
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
name |
Yes |
String |
Policy name. A policy name can contain only digits, letters, and underscores (_), and contains a maximum of 64 characters. |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
|---|---|---|
id |
String |
Policy ID |
name |
String |
Policy name |
level |
Integer |
Protection level |
action |
PolicyAction object |
Operation |
options |
PolicyOption object |
Option |
full_detection |
Boolean |
Detection mode in a precise protection rule |
hosts |
Array of strings |
ID of the protected website. |
bind_host |
Array of BindHost objects |
Information about the protected website |
timestamp |
Long |
Time the policy was created |
extend |
Object |
Extended field |
Parameter |
Type |
Description |
|---|---|---|
category |
String |
Protection level. The options are log and block. |
Parameter |
Type |
Description |
|---|---|---|
webattack |
Boolean |
Whether basic web protection is enabled |
common |
Boolean |
Whether general check is enabled |
crawler |
Boolean |
Whether anti-crawler is enabled |
crawler_engine |
Boolean |
Whether the search engine check is enabled |
crawler_scanner |
Boolean |
Whether anti-crawler is enabled |
crawler_script |
Boolean |
Whether JavaScript-based anti-crawler is enabled |
crawler_other |
Boolean |
Whether the other check item of anti-crawler is enabled |
webshell |
Boolean |
Whether web shell check is enabled |
cc |
Boolean |
Whether the CC attack protection is enabled |
custom |
Boolean |
Whether precise protection is enabled |
whiteblackip |
Boolean |
Whether blacklist and whitelist protection is enabled |
ignore |
Boolean |
Whether false alarm masking is enabled |
privacy |
Boolean |
Whether data masking is enabled |
antitamper |
Boolean |
Whether web tamper protection is enabled |
Parameter |
Type |
Description |
|---|---|---|
id |
String |
Domain name ID |
hostname |
String |
Domain name |
waf_type |
String |
WAF edition for the domain name. The options are cloud and premium. |
mode |
String |
(Dedicated mode only) Special domain name mode |
Status code: 400
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error code message |
Status code: 401
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error code message |
Status code: 500
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error code message |
Example Requests
None
Example Responses
None
Status Codes
Status Code |
Description |
|---|---|
200 |
OK |
400 |
Request failed |
401 |
Insufficient token permissions |
500 |
Internal server error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
