百度智能云

All Product Document

          Web Application Firewall WAF

          CDN-WAF-API

          Query All Cdn-waf Instances of the User

          Description

          • Query cdn-waf instances of the user

          Request structure

              GET /v{version}/cdnwaf/overview?clientToken={clientToken} HTTP/1.1
              Host: bss.{region}.baidubce.com
              Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence, for details, please see Idempotence

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          wafList List<CdnWafInstance> List of all cdn-waf instances of the user

          Request example

              GET /v2/cdnwaf/overview?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
              HOST bss.{region}.baidubce.com
              Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02

          Response example

          HTTP/1.1 200 OK
          x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
          Date: Wed, 10 Apr 2016 08:26:52 GMT
          Transfer-Encoding: chunked
          Content-Type: application/json;charset=UTF-8
          Server: BWS
          {
              "wafList": [
                  {
                      "wafName": "NAME",           //WAF instance name 
                      "wafId":  "WAFID",          //WAF ID
                      "status": "STATUS",          //WAF instance status: available/paused/pausing/updating/deleting/deleted 
                      "domain": "test.com",        //Bound primary domain 
                      "subDomain": {
                          "used": COUNT,           //Configured sub-domain, INT type      
                          "total": TOTAL,          //All configurable sub-domains, INT type 
                      },
                      "subDomainList": [
                          "DOMAIN1", "DOMAIN2", "DOMAIN3",
                      ]:                         //List of sub-domains 
                      "webSwitch":0| 1,             //web protection switch, INT type: 0: Close, 1: Enable 
                      "customSwitch":0| 1,         //Custom protection switch, INT type: 0: Close, 1: Enable 
                  },
                  {...},
              ]
          }

          Get All the Primary Domains of the User

          Interface description

          • Return to the list of all primary domains of the user

          Request structure

              GET /v{version}/cdnwaf/domainList?clientToken={clientToken} HTTP/1.1
              Host: bss.{region}.baidubce.com
              Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence, for details, please see Idempotence

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          domainList List List of primary domains

          Request example

              GET /v2/cdnwaf/domainList?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
              HOST bss.{region}.baidubce.com
              Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02

          Response example

              HTTP/1.1 200 OK
              x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
              Date: Wed, 10 Apr 2016 08:26:52 GMT
              Transfer-Encoding: chunked
              Content-Type: application/json;charset=UTF-8
              Server: BWS
              {
                  "domainList": [
                      {
                          Primary domain in "domain": "test.com",        //cdn 
                      },
                      {...},
                  ]
              } 

          Query the List of Available Sub-domains

          Interface description

          • Sub-domains which comply with the primary domain and are not added to other waf instances, or the sub-domains bound to the waf instance

          Request structure

              PUT /v{version}/cdnwaf/querySubDomainList/{waf_id}?clientToken={clientToken} HTTP/1.1
              Host: bss.{region}.baidubce.com
              Authorization: authorization string
              {
                  Primary domain in "domain": "test.com",               //cdn 
              } 

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          domain String Yes Request Body parameters Domain name
          clientToken String Yes Query parameter Idempotence, for details, please see Idempotence

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          subDomainList List Return to the list of available sub-domains of the user. The subDomain is the subdomain name and status is the subdomain status.

          Request example

              PUT /v2/cdnwaf/querySubDomainList/waf-3a4b5c?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
           HOST bss.{region}.baidubce.com
              Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
              {
                   "domain": "test.com",  
              }            

          Response example

              HTTP/1.1 200 OK
              x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
              Date: Wed, 10 Apr 2016 08:26:52 GMT
              Transfer-Encoding: chunked
              Content-Type: application/json;charset=UTF-8
              {
                  "subDomainList": [
                      {
                          "subDomain": "a.test.com",        //Sub-domain in cdn 
                          "status": 0| 1,                   //Sub-domain status, INT type: 0: No addition, 1: Added to the waf instance,                              
                      },
                      {...},
                  ]
              }

          Query the Configurable Sub-domains and the Number of Custom Rules

          Interface description

          • The waf designator needs to be specified
          • The primary domain of cdn needs to be specified.

          Request structure

              GET /v{version}/cdnwaf/cdnWafRules/{waf_id}?clientToken={clientToken} HTTP/1.1
              Host: bss.{region}.baidubce.com
              Authorization: authorization string
              {
                  Primary domain in "domain": "test.com",               //cdn 
              } 

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence, for details, please see Idempotence

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          domainSum Int Number of subdomains
          ruleSum Int Number of rules

          Request example

              GET /v2/cdnwaf/cdnWafRules/waf-3a4b5c?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
              HOST bss.{region}.baidubce.com
              Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02

          Response example

              HTTP/1.1 200 OK
              x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
              Date: Wed, 10 Apr 2016 08:26:52 GMT
              Transfer-Encoding: chunked
              Content-Type: application/json;charset=UTF-8
              {
                  "domainSum": DOMAINSUM,      //Number of subdomains, int type: 10| 20| 30| 40| 50 
                  "ruleSum": RULESUM,          //Number of rules, int type: 20| 40| 60| 80| 100 
              } 

          Configuration of WAF Rules Issued by CDN-WAF

          Interface description

          Configuration of rules for issuing WAF

          Request structure

              PUT /v2/cdnwaf/cdnWafConfig/{waf_id}?clientToken={clientToken}
              Host: bss.{region}.baidubce.com
              Authorization: authorization string
              {
                  "domain": "test.com",                  //Primary domain: without http and https heads, only supporting upper and lower case letters, numbers, and -._. 
                  "subDomain": [ 
                      "DOMAIN1", "DOMAIN2", "DOMAIN3",
                  ],                                    //Subdomain, the number of subdomains should be obtained according to config sum query. 
                  "webSwitch": 0| 1,                     //web protection switch, INT type: 0: Close, 1: Enable 
                  "webModel": { 
                      "policy": "high| middle| low",       //Policy level: high, middle, low 
                      "type": "log| deny",                //Executed policy: log: observation pattern, deny: interception pattern 
                  },
                  "customSwitch": 0| 1,                  //Custom protection switch, INT type: 0: Close, 1: Enable 
                  "customModel": [ 
                      {
                          "name": "NAME",                //Policy name: only supports 1-65 numbers, upper and lower case letters, -/_., and must start with letters. 
                          "pattern": "black| white",      //Executed action: black: intercept, white: pass 
                          "type": "log| deny",            //Policy type: Log: observation pattern, deny: interception pattern. When the pattern is white, the type can be only log observation pattern. 
                          "key": "KEY",                  //Matches, only supporting the several models: uri, ip, referer, user_agent, get_param 
                          "match": ": MATCH",            //Matched pattern: prefix| include| suffix 
                          "value": "xxx",                //Match contents: not supporting Chinese, supporting numbers, upper and lower case letters, -._. 
                      },
                  ],
              } 

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence, for details, please see Idempotence
          domain String Yes Request Body parameters Primary domain: without http and https heads, only supporting upper and lower case letters, and numbers.
          subDomain List Yes Request Body parameters List of sub-domains
          webSwitch Int Yes Request Body parameters web protection switch, INT type: 0: Close, 1: Enable
          webModel Object Yes Request Body parameters Configuration of interception policy of waf
          customSwitch Int Yes Request Body parameters Custom protection switch, INT type: 0: Close, 1: Enable
          customModel List<CdnCustomRule> Yes Request Body parameters Custom rules when the custom rule protection is enabled.

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          No special return parameters

          Request example

              PUT /v2/cdnwaf/cdnWafConfig/waf-3a4b5c?clientToken=be31b98c-5e41-4838-9830-9be700de5a20
              Host bss.{region}.baidubce.com
              Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
              {
                  "domain": "test.com",                  //Primary domain: without http and https heads, only supporting upper and lower case letters, numbers, and -._. 
                  "subDomain": [ 
                      "DOMAIN1", "DOMAIN2", "DOMAIN3",
                  ],                                    //Subdomain, the number of subdomains should be obtained according to config sum query. 
                  "webSwitch": 0| 1,                     //web protection switch, INT type: 0: Close, 1: Enable 
                  "webModel": { 
                      "policy": "high| middle| low",       //Policy level: high, middle, low 
                      "type": "log| deny",                //Executed policy: log: observation pattern, deny: interception pattern 
                  },
                  "customSwitch": 0| 1,                  //Custom protection switch, INT type: 0: Close, 1: Enable 
                  "customModel": [ 
                      {
                          "name": "NAME",                //Policy name: only supports 1-65 numbers, upper and lower case letters, -/_., and must start with letters. 
                          "pattern": "black| white",      //Executed action: black: intercept, white: pass 
                          "type": "log| deny",            //Policy type: Log: observation pattern, deny: interception pattern. When the pattern is white, the type can be only log observation pattern. 
                          "key": "KEY",                  //Matches, only supporting the several models: uri, ip, referer, user_agent, get_param 
                          "match": ": MATCH",            //Matched pattern: prefix| include| suffix 
                          "value": "xxx",                //Match contents: not supporting Chinese, supporting numbers, upper and lower case letters, -._. 
                      },
                  ],
              } 

          Response example

              HTTP/1.1 200 OK
              x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
              Date: Wed, 10 Apr 2016 08:26:52 GMT
              Transfer-Encoding: chunked
              Content-Type: application/json;charset=UTF-8

          CDN-WAF is Queried to Query WAF Rule Configuration

          Interface description

          Configuration of rules for querying CDN-WAF

          Request structure

              GET /v2/cdnwaf/cdnWafConfig/{waf_id}?clientToken={clientToken}
              Host: bss.{region}.baidubce.com
              Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Parameter name Type Required or not Parameter position Description
          version String Yes URL parameter API version number (the current value is 2)
          clientToken String Yes Query parameter Idempotence, for details, please see Idempotence

          Return status code

          "200" for return successful and Error Code for return failed.

          Return header

          There are no other special headers except the public headers.

          Return parameter

          Parameter name Type Description
          domain String Primary domain: without http and https heads, only supporting upper and lower case letters, and numbers.
          subDomain List List of sub-domains
          webSwitch Int web protection switch, INT type: 0: Close, 1: Enable
          webModel Object Configuration of interception policy of waf
          customSwitch Int Custom protection switch, INT type: 0: Close, 1: Enable
          customModel List<CdnCustomRule> Custom rules when the custom rule protection is enabled.

          Request example

              GET /v2/cdnwaf/cdnWafConfig/waf-3a4b5c?clientToken=be31b98c-5e41-4838-9830-9be700de5a20
          
              Host bss.{region}.baidubce.com
              Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02

          Response example

              HTTP/1.1 200 OK
              x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
              Date: Wed, 10 Apr 2016 08:26:52 GMT
              Transfer-Encoding: chunked
              Content-Type: application/json;charset=UTF-8
              {
                  "domain": "test.com",                  //Primary domain: without http and https heads, only supporting upper and lower case letters, numbers, and -._, with the upper limit of length of 256. 
                  "subDomain": [ 
                      "DOMAIN1", "DOMAIN2", "DOMAIN3",
                  ],                                    //Subdomain, the number of subdomains should be obtained according to config sum query. 
                  "status": "STATUS",          //WAF instance status: available/paused/pausing/updating/deleting/deleted 
                  "webSwitch": 0| 1,                     //web protection switch, INT type: 0: Close, 1: Enable 
                  "webModel": { 
                      "policy": "high| middle| low",       //Policy level: high, middle, low 
                      "type": "log| deny",                //Executed policy: log: observation pattern, deny: interception pattern 
                  },
                  "customSwitch": 0| 1,                  //Custom protection switch, INT type: 0: Close, 1: Enable 
                  "customModel": [ 
                      {
                          "name": "NAME",                    //Policy name: only supports 16 numbers, upper and lower case letters, -/_. 
                          "type": "log| deny",                //Policy type: log: observation pattern, deny: interception pattern 
                          "pattern": "black| white",          //Executed action: black: intercept, white: pass 
                          "key": "KEY",                      //Matches, only supporting the several models: uri, ip, referer, user_agent, get_param 
                          "match": ": MATCH",                //Matched pattern: prefix| include| suffix 
                          "value": "xxx",                    //Match contents: not supporting Chinese, supporting numbers, upper and lower case letters, -._. 
                      },
                  ]
              }   
          Previous
          BLB-WAF Related Interface
          Next
          Appendix