Help Center/ Web Application Firewall/ API Reference (Paris)/ APIs/ Cloud Mode/ CC Attack Protection Rules/ Adding a CC Attack Protection Rule
Updated on 2022-12-29 GMT+08:00
View PDF
Share

Adding a CC Attack Protection Rule

Function Description

This API is used to add a CC attack protection rule.

URI

  • URI format

    POST /v1/{project_id}/waf/policy/{policy_id}/cc

  • Parameter description
    Table 1 Path parameters

    Parameter

    Mandatory

    Type

    Description

    project_id

    Yes

    String

    Specifies the project ID.

    policy_id

    Yes

    String

    Specifies the policy ID.

Request

Request parameters
Table 2 Parameter description

Parameter

Mandatory

Type

Description

path

Yes

String

Specifies the URL to which the rule applies, excluding a domain name.

  • Prefix match: The path ending with * indicates that the path is used as a prefix.

    For example, if the path to be protected is /admin/test.php or /adminabc, set Path to /admin*.

  • Exact match: The path to be entered must match the path to be protected.

    If the path to be protected is /admin, set url to /admin.

limit_num

No

Integer

Specifies the number of requests allowed from a web visitor in a rate limiting period. Value range: (0, 232). The default value is 1.

limit_period

No

Integer

Specifies the rate limiting period. Value range: (0, 232), in seconds. The default value is 1.

lock_time

No

Integer

Specifies the lock duration. The value ranges from 0 seconds to 232 seconds.

tag_type

Yes

String

Specifies the rate limit mode.

  • ip: A web visitor is identified by the IP address.
  • cookie: A web visitor is identified by the cookie key value.
  • other: A web visitor is identified by the Referer field (user-defined request source).

tag_index

No

String

If tag_type is set to cookie, this parameter indicates cookie name.

tag_condition

No

Table 3

Specifies the Referer (customized request source) field. This field is mandatory when tag_type is set to other.

action

Yes

Table 4

Specifies the action taken when the number of requests reaches the upper limit.
Table 3 tag_condition

Parameter

Mandatory

Type

Description

category

Yes

String

Specifies the category. The value is Referer.

This parameter is mandatory when the tag_condition field is transferred.

contents

Yes

List

Specifies the category content.

The format is as follows: http://www.example.com/path.

This parameter is mandatory when the tag_condition field is transferred. Currently, only one value is accepted.
Table 4 action

Parameter

Mandatory

Type

Description

category

Yes

String

Specifies the action. The default value is block.

  • block: block the requests.
  • captcha: Verification code. The user needs to enter the correct verification code after blocking to restore the correct access page.

The default value is block.

If tag_type is set to other, this parameter value can only be block.

detail

No

Table 5

Specifies the action details. If detail is null, the default block page is displayed by default.

This parameter is not required if category is set to captcha.

This parameter is required if category is set to block.
Table 5 detail

Parameter

Mandatory

Type

Description

response

Yes

Table 6

Specifies the returned page.
Table 6 response

Parameter

Mandatory

Type

Description

content_type

Yes

String

Specifies the type of the returned page.

The options are application/json, text/html, and text/xml.

The default value is application/json.

content

Yes

String

Specifies the content of the returned page.

Response

Response parameters
Table 7 Parameter description

Parameter

Type

Description

id

String

Specifies the ID of a CC attack protection rule.

policy_id

String

Specifies the policy ID.

path

String

Specifies the URL to which the rule applies.

limit_num

Integer

Specifies the number of requests allowed from a web visitor in a rate limiting period.

limit_period

Integer

Specifies the rate limiting period.

lock_time

Integer

Specifies the lock duration. The value ranges from 0 seconds to 232 seconds.

tag_type

String

Specifies the rate limit mode.

  • ip: A web visitor is identified by the IP address.
  • cookie: A web visitor is identified by the cookie key value.
  • other: A web visitor is identified by the Referer field (user-defined request source).

tag_index

String

If tag_type is set to cookie, this parameter indicates cookie name.

tag_condition

Table 8

Specifies the Referer (customized request source) field. This field is returned when tag_type is set to other.

action

Table 9

Specifies the action taken when the number of requests reaches the upper limit.

timestamp

Long

Specifies the time when a CC attack protection rule is added.

default

Boolean

Specifies whether the rule is the default CC attack protection rule.

  • true: The rule is the default CC attack protection rule created by the system when creating a domain name.
  • false: The rule is created by users.
Table 8 tag_condition

Parameter

Type

Description

category

String

Specifies the category. The value is Referer.

contents

List

Specifies the category content.
Table 9 action

Parameter

Type

Description

category

String

Specifies the action. The default value is block.

  • block: block the requests.
  • captcha: Verification code. The user needs to enter the correct verification code after blocking to restore the correct access page.

The default value is block.

If tag_type is set to other, this parameter value can only be block.

detail

Table 10

Specifies the action details. If detail is null, the default block page is displayed by default.
Table 10 detail

Parameter

Type

Description

response

Table 11

Specifies the returned page.
Table 11 response

Parameter

Type

Description

content_type

String

Specifies the type of the returned page.

The options are application/json, text/html, and text/xml.

content

String

Specifies the content of the returned page.

Examples

  • Request example 
    {
      "path": "/abc1",
      "limit_num": 10,
      "limit_period": 60,
      "lock_time": 10,
      "tag_type": "cookie",
      "tag_index": "sesssionid",
      "action": {
        "category": "block",
        "detail": {
          "response": {
              "content_type": "application/json",
              "content": "{\"error\":\"forbidden\"}"
          }
        }
      }
}
  • Response example 
    {
      "id": "3a9b5c0f96784ec8abd8ba61a98064ef",
      "policy_id": "9tre832yf96784ec8abd8ba61a98064ef",
      "path": "/abc1",
      "limit_num": 10,
      "limit_period": 60,
      "lock_time": 10,
      "tag_type": "cookie",
      "tag_index": "sesssionid",
      "action": {
        "category": "block",
        "detail": {
          "response": {
              "content_type": "application/json",
              "content": "{\"error\":\"forbidden\"}"
          }
        }
        },
      "timestamp": 1499817600,
      "default": false
}

Status Code

Table 12 describes the normal status code returned by the API.
Table 12 Status code

Status Code

Description

Meaning

200

OK

The request has succeeded.

For details about error status codes, see Status Codes.