Updated on 2024-07-25 GMT+08:00

Updating a CC Attack Protection Rule

Function

This API is used to update a CC attack protection rule.

URI

PUT /v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID

policy_id

Yes

String

policyid

rule_id

Yes

String

ccRuleId

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

auth token

Content-Type

Yes

String

Content type

Default: application/json;charset=utf8

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

description

No

String

Rule description

limit_num

No

Integer

Frequency limits

Minimum: 0

Maximum: 10000

limit_period

No

Integer

Frequency limit unit

Minimum: 0

Maximum: 10000

url

No

String

url

Minimum: 0

Maximum: 10000

mode

No

Integer

Work mode. The value can be 0 (standard) or 1 (advanced). The parameters of the advanced mode cannot be described in the same document of the same API. For details, see this parameter on the console page.

Enumeration values:

  • 0

  • 1

action

No

action object

Action to take if the number of requests reaches the upper limit.

tag_type

No

String

Protection mode.

  • ip: A website visitor is identified by the IP address.

  • cookie: A website visitor is identified by the cookie key value.

  • other: A website visitor is identified by the Referer field (user-defined request source).

Enumeration values:

  • ip

  • other

  • cookie

Table 4 action

Parameter

Mandatory

Type

Description

category

No

String

Protective action

Response Parameters

Status code: 200

Table 5 Response body parameters

Parameter

Type

Description

id

String

ID of a CC prevention rule

policyid

String

ID of the policy to which the rule belongs

url

String

URL to which the rule applies, excluding a domain name.

  • Prefix match: A path ending with * indicates that the path is used as a prefix. For example, to protect /admin/test.php or /adminabc, you can set Path to /admin*.

  • Exact match: The path you enter must exactly match the path you want to protect. If the path you want to protect is /admin, set url to /admin.

limit_num

String

Number of requests allowed from a web visitor in a rate limiting period

limit_period

String

Rate limiting period

lock_time

String

How long a web visitor will be locked The value range is [0 to 2^32), in seconds.

tag_type

String

Protection mode.

  • ip: A website visitor is identified by the IP address.

  • cookie: A website visitor is identified by the cookie key value.

  • other: A website visitor is identified by the Referer field (user-defined request source).

tag_index

String

Protection mode tag. When tag_type is set to cookie, this parameter indicates the cookie name.

action

action object

Action to take if the number of requests reaches the upper limit.

Table 6 action

Parameter

Type

Description

category

String

Action type:

  • block: WAF blocks the requests.

  • captcha: Verification code. WAF requires visitors to enter a correct verification code to continue their access to requested page on your website.

  • If tag_type is set to other, the value can only be block.

detail

String

Action details. If detail is null, the default block page is displayed by default.

  • This parameter is not required if category is set to captcha.

  • This parameter is required if category is set to block.

Table 7 detail

Parameter

Type

Description

redirect_url

String

URL to which the page is redirected.

response

response object

Redirected page

Table 8 response

Parameter

Type

Description

content_type

String

Content type. The value can only be application/json, text/html, or text/xml.

content

String

Content

Status code: 400

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Status code: 401

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Status code: 500

Table 11 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Messages

Example Requests

PUT https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/cc/{rule_id}?enterprise_project_id=0

{
  "action" : {
    "category" : "captcha"
  },
  "description" : "",
  "limit_num" : 10,
  "limit_period" : 60,
  "mode" : 0,
  "tag_type" : "ip",
  "url" : "/path1"
}

Example Responses

Status code: 200

ok

{
  "aging_time" : 0,
  "description" : "",
  "id" : "a5f3fd28db564696b199228f0ac346b2",
  "limit_num" : 10,
  "limit_period" : 60,
  "lock_time" : 0,
  "mode" : 0,
  "policyid" : "1f016cde588646aca3fb19f277c44d03",
  "prefix" : false,
  "producer" : 1,
  "status" : 1,
  "tag_type" : "ip",
  "total_num" : 0,
  "unaggregation" : false,
  "url" : "/path1"
}

Status Codes

Status Code

Description

200

ok

400

Request failed.

401

The token does not have required permissions.

500

Internal server error.

Error Codes

See Error Codes.