Updated on 2024-07-25 GMT+08:00

Querying a Precise Protection Rule by ID

Function

This API is used to query a precise protection rule by ID.

URI

GET /v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID

policy_id

Yes

String

Protection policy ID. You can call the ListPolicy API to obtain the policy ID.

rule_id

Yes

String

customRuleId

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

auth token

Content-Type

Yes

String

Content type

Default: application/json;charset=utf8

Response Parameters

Status code: 200

Table 3 Response body parameters

Parameter

Type

Description

id

String

ID of a precise protection rule.

policyid

String

ID of the policy to which the rule belongs.

conditions

Array of conditions objects

List of matching conditions. All conditions must be met.

action

action object

Protective action of the precise protection rule

priority

Integer

Priority of a rule. Smaller values correspond to higher priorities. If two rules are assigned with the same priority, the rule added earlier has higher priority. The value ranges from 0 to 1000.

timestamp

Long

Timestamp when the precise protection rule is created.

start

Long

Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true.

terminal

Long

Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.

Table 4 conditions

Parameter

Type

Description

category

String

Condition type. Its option can be path, user-agent, ip, params, cookie, referer, or header.

index

String

  • If category is set to cookie, index indicates cookie name.

  • If category is set to params, index indicates param name.

  • If category is set to header, index indicates an option in the header.

check_all_indexes_logic

Integer

Available values are 1 and 2. The value 1 indicates all subfields, and the value 2 indicates any subfields.

logic_operation

Integer

The value can be:

  • contain

  • not_contain

  • equal

  • not_equal

  • prefix

  • not_prefix

  • suffix

  • not_suffix If category is set to ip, logic_operation can be set to equal or not_equal only.

contents

Array of strings

Content of the match conditions

Table 5 action

Parameter

Type

Description

category

String

Action type.

  • block: WAF blocks attacks.

  • pass: WAF allows requests.

Status code: 400

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Status code: 401

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Status code: 500

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Example Requests

GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom/{rule_id}?enterprise_project_id=0

Example Responses

Status code: 200

ok

{
  "action" : {
    "category" : "block"
  },
  "action_mode" : false,
  "aging_time" : 0,
  "conditions" : [ {
    "category" : "header",
    "index" : "sdfsafsda",
    "logic_operation" : "exist"
  } ],
  "description" : "",
  "id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
  "policyid" : "1f016cde588646aca3fb19f277c44d03",
  "priority" : 50,
  "producer" : 1,
  "status" : 1,
  "time" : false,
  "timestamp" : 1656495488880
}

Status Codes

Status Code

Description

200

ok

400

Request failed.

401

The token does not have required permissions.

500

Internal server error.

Error Codes

See Error Codes.