# Create Automatic Interception Strategy Interface - AddAutoWafDomainBlackList

## Overview

When an attack is detected, the source IP of the access is automatically added to the blacklist.






## Definition

### Public Parameters

| Parameter Name | Type | Description Information | Required |
|:---|:---|:---|:---|
| **Action**     | string  | Corresponding API command name, the current API is `AddAutoWafDomainBlackList`.                      | **Yes** |
| **PublicKey**  | string  | The user's public key can be obtained from [Console](https://console.dezai.com/uaccount/api_manage)                                             | **Yes** |
| **Signature**  | string  | User signature generated based on public key and API command, see [Signature Algorithm](/docs/api/summary/signature.md)  | **Yes** |

### Request Parameters

| Parameter Name | Type | Description Information | Required |
|:---|:---|:---|:---|
| **ProjectId** | string | Project ID. If not filled in, the default project is used, sub-accounts must be filled in. Please refer to the [GetProjectList interface](/docs/api/summary/get_project_list). |No|
| **FullDomain** | string | The domain name for defense can only be selected from the added domain names. |**Yes**|
| **AttackType** | string | Attack statistics type, all selected by default; Parameter options: protocol: Protocol violation, xss: XSS attack, sql: SQL injection, loopholes: Vulnerability attack, exec: Command execution, webshell: WebShell upload, eaa: Unauthorized access, infoleak: Information leakage, scan: Malicious scanning, cc: CC attack, other: Others |No|
| **ActionType** | string | Action after detecting an attack, default is forbidden, captcha is supported |No|
| **ExpireTime** | int | Set the expiration time for adding to the blacklist, in minutes. 0 means it is always valid, default is 60 minutes. |No|
| **AttackCount** | int | Attack threshold, default is 10 |No|
| **Interval** | int | Attack statistics interval, in seconds, default is 60 seconds |No|

### Response Field

| Field Name | Type | Description Information | Required |
|:---|:---|:---|:---|
| **RetCode** | int | Return status code. If it is 0, it means successful return. If it is not 0, it means failure. |**Yes**|
| **Action** | string | Operation command name. |**Yes**|
| **Message** | string | Returns an error message, providing detailed description when `RetCode` is non-zero. |No|
| **Id** | int | The returned policy ID after successful addition |No|




## Example

### Request Example
    
```
https://api.dezai.com/?Action=AddAutoWafDomainBlackList
&ProjectId=org-xxx
&FullDomain=www.test.com
&ActionType=forbidden
&State=Enable
&ExpireTime=60
&AttackCount=10
&Interval=60
```

### Response Example
    
```json
{
  "Action": "AddAutoWafDomainBlackListResponse",
  "Id": 8,
  "RetCode": 0
}
```