yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
2303b27b6e5eda6887b7f9f50d0fa090d92130da
doc-exports/docs/wafd/api-ref/DeletePolicy.html
Li, Qiao 901ea67b42 waf dedicated API 01 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Li, Qiao <qiaoli@huawei.com>
Co-committed-by: Li, Qiao <qiaoli@huawei.com>
2022-12-08 14:03:35 +00:00

28 KiB
Raw Blame History

Deleting a Policy

Function

This API is used to delete a policy.

URI

DELETE /v1/{project_id}/waf/policy/{policy_id}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID

policy_id

Yes

String

Policy ID. It can be obtained by calling the API Querying Protection Policies.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token. It can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

Content-Type

No

String

Content type. Default value: application/json;charset=utf8

Default: application/json;charset=utf8

Response Parameters

Status code: 200

Table 3 Response body parameters

Parameter

Type

Description

id

String

Policy ID

name

String

Array of details of policies

action

PolicyAction object

PolicyAction

options

PolicyOption object

PolicyOption

level

Integer

Protection level

  • 1: WAF detects wget, cURL, and more but does not detect XSS and command injection attacks in the header, so you may miss more vulnerabilities that actually exist. If you find out that configured protection rules are affecting your services, adjust the protection level to 1.

  • 2: WAF detects remote file inclusion, third-party software vulnerabilities, web shell, and cp and ftp commands. This is the default value.

  • 3: If you need a stricter protection level, set this parameter to 3. This may increase the false positive rate but decrease the false negative rate, such as nc, nmap, and kill.

full_detection

Boolean

Detection mode in the precise protection rule

  • true: full detection. WAF blocks all requests that hit the configured precise protection rule when it finishes all threat detections.

  • false: instant detection. WAF immediately ends threat detection and blocks the request that hits the configured precise protection rule.

bind_host

Array of BindHost objects

Basic information about the protected domain.

timestamp

Integer

Time a policy is created

extend

Map<String,String>

Extended field
Table 4 PolicyAction

Parameter

Type

Description

category

String

Protection level. The value can be:

  • block: WAF blocks attacks.

  • log: WAF only logs detected attacks.

Enumeration values:

  • block

  • log
Table 5 PolicyOption

Parameter

Type

Description

webattack

Boolean

Basic web protection includes many specific checks under Advanced Settings, and there is a specific parameter allocated for each check, for example, common for General Check. To enabled any of these checks, keep this parameter enabled first. The value can be:

  • true: enabled

  • false: disabled

common

Boolean

Whether general check is enabled. The value can be:

  • true: enabled

  • false: disabled

anticrawler

Boolean

Whether anti-crawler protection is enabled. Anti-crawler protection includes many specific anti-crawler checks, such as crawler_engine, crawler_scanner, crawler_script, and crawler_other. To enable any of these checks, keep anti-crawler protection enabled. The value can be:

  • true: enabled

  • false: disabled

crawler

Boolean

Whether feature-based anti-crawler is enabled. This parameter is fixed at true.

  • true: enabled

  • false: disabled

crawler_engine

Boolean

Whether the search engine is enabled. The value can be:

  • true: enabled

  • false: disabled

crawler_scanner

Boolean

Whether the scanner check in anti-crawler detection is enabled. The value can be:

  • true: enabled

  • false: disabled

crawler_script

Boolean

Whether the JavaScript anti-crawler is enabled. The value can be:

  • true: enabled

  • false: disabled

crawler_other

Boolean

Whether other crawler check is enabled. The value can be:

  • true: enabled

  • false: disabled

webshell

Boolean

Whether other crawler check is enabled. The value can be:

  • true: enabled

  • false: disabled

cc

Boolean

Whether the CC attack protection rule is enabled. The value can be:

  • true: enabled

  • false: disabled

custom

Boolean

Whether precise protection is enabled. The value can be:

  • true: enabled

  • false: disabled

whiteblackip

Boolean

Whether blacklist and whitelist protection is enabled. The value can be:

  • true: enabled

  • false: disabled

geoip

Boolean

Whether geolocation access control is enabled. The value can be:

  • true: enabled

  • false: disabled

ignore

Boolean

Whether false alarm masking is enabled. The value can be:

  • true: enabled

  • false: disabled

privacy

Boolean

Whether data masking is enabled. The value can be:

  • true: enabled

  • false: disabled

antitamper

Boolean

Whether the web tamper protection is enabled. The value can be:

  • true: enabled

  • false: disabled

antileakage

Boolean

Whether the information leakage prevention is enabled. The value can be:

  • true: enabled

  • false: disabled

bot_enable

Boolean

This parameter is redundant in this version. It will be used in the later versions.

precise

Boolean

This parameter is redundant in this version. It will be used in the later versions.

followed_action

Boolean

This parameter is redundant in this version. It will be used in the later versions.
Table 6 BindHost

Parameter

Type

Description

id

String

Domain name ID. It is the unique identifier generated by WAF for a domain name when you add the domain name to WAF

hostname

String

Domain name

waf_type

String

WAF mode of the domain name. The value is premium.

Status code: 400

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error code

error_msg

String

Error message

Status code: 401

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code

error_msg

String

Error message

Status code: 500

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error code

error_msg

String

Error message

Example Requests

DELETE https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}?

Example Responses

Status code: 200

Request succeeded.

{
  "id" : "62169e2fc4e64148b775ec01b24a1947",
  "name" : "demo",
  "level" : 2,
  "action" : {
    "category" : "log",
    "modulex_category" : "log"
  },
  "options" : {
    "webattack" : true,
    "common" : true,
    "crawler" : true,
    "crawler_engine" : false,
    "crawler_scanner" : true,
    "crawler_script" : false,
    "crawler_other" : false,
    "webshell" : false,
    "cc" : true,
    "custom" : true,
    "precise" : false,
    "whiteblackip" : true,
    "geoip" : true,
    "ignore" : true,
    "privacy" : true,
    "antitamper" : true,
    "anticrawler" : false,
    "antileakage" : false,
    "followed_action" : false,
    "bot_enable" : true
  },
  "hosts" : [ ],
  "extend" : { },
  "timestamp" : 1649316510603,
  "full_detection" : false,
  "bind_host" : [ ]
}

Status Codes

Status Code

Description

200

Request succeeded.

400

Request failed.

401

The token does not have required permissions.

500

Internal server error.

Error Codes

See Error Codes.

Parent topic: Policy Management