Docs
api
Web Application Firewall(UEWAF)
ModifyAutoWafDomainBlackList

Modify Automatic Blocking Rules - ModifyAutoWafDomainBlackList

Overview

Modify the automatic interception rules, when an attack is detected, automatically add the source IP of the visit to the blacklist.

Definition

Public Parameters

Parameter NameTypeDescription InformationRequired
ActionstringCorresponding API command name, the current API is ModifyAutoWafDomainBlackList.Yes
PublicKeystringThe user’s public key can be obtained from ConsoleYes
SignaturestringUser signature generated based on public key and API command, see Signature AlgorithmYes

Request Parameters

Parameter NameTypeDescription InformationRequired
ProjectIdstringProject ID. If not filled in, the default project is used, sub-accounts must be filled in. Please refer to the GetProjectList interface.No
IDintID of the auto-block rule that needs to be modifiedYes
FullDomainstringThe domain name for defense can only be selected from the added domain names.Yes
AttackTypestringAttack types, by default all attack types are counted, optional values: all|protocol|xss|sql|loopholes|exec|webshell|eaa|infoleak|scan|cc|other etc.No
ActionTypestringAction after detecting an attack, default is forbidden, captcha is supportedNo
ExpireTimeintAfter the rule takes effect, add the expiration time for the blacklist, in minutes. 0 means it is always valid, default is 60 minutes.No
AttackCountintAttack threshold, default is 10No
IntervalintAttack statistics interval, in seconds, default is 60 secondsNo

Response Field

Field NameTypeDescription InformationRequired
RetCodeintReturn status code. If it is 0, it means successful return. If it is not 0, it means failure.Yes
ActionstringOperation command name.Yes
MessagestringReturns an error message, providing detailed description when RetCode is non-zero.No

Example

Request Example

https://api.dezai.com/?Action=ModifyAutoWafDomainBlackList
&ProjectId=org-xxx
&ID=2
&FullDomain=www.test.com
&ActionType=forbidden
&ExpireTime=60
&AttackCount=10
&AttackType=eaa
&Interval=60

Response Example

{
  "Action": "ModifyAutoWafDomainBlackListResponse",
  "RetCode": 0
}