CDN-WAF-API
Last Updated:2020-10-21
Query All Cdn-waf Instances of the User
Description
- Query cdn-waf instances of the user
Request structure
GET /v{version}/cdnwaf/overview?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | Idempotence, for details, please see Idempotence |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| wafList | List<CdnWafInstance> | List of all cdn-waf instances of the user |
Request example
GET /v2/cdnwaf/overview?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"wafList": [
{
"wafName": "NAME", //WAF instance name
"wafId": "WAFID", //WAF ID
"status": "STATUS", //WAF instance status: available/paused/pausing/updating/deleting/deleted
"domain": "test.com", //Bound primary domain
"subDomain": {
"used": COUNT, //Configured sub-domain, INT type
"total": TOTAL, //All configurable sub-domains, INT type
},
"subDomainList": [
"DOMAIN1", "DOMAIN2", "DOMAIN3",
]: //List of sub-domains
"webSwitch":0| 1, //web protection switch, INT type: 0: Close, 1: Enable
"customSwitch":0| 1, //Custom protection switch, INT type: 0: Close, 1: Enable
},
{...},
]
}Get All the Primary Domains of the User
Interface description
- Return to the list of all primary domains of the user
Request structure
GET /v{version}/cdnwaf/domainList?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | Idempotence, for details, please see Idempotence |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| domainList | List |
List of primary domains |
Request example
GET /v2/cdnwaf/domainList?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"domainList": [
{
Primary domain in "domain": "test.com", //cdn
},
{...},
]
} Query the List of Available Sub-domains
Interface description
- Sub-domains which comply with the primary domain and are not added to other waf instances, or the sub-domains bound to the waf instance
Request structure
PUT /v{version}/cdnwaf/querySubDomainList/{waf_id}?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization string
{
Primary domain in "domain": "test.com", //cdn
} Request header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| domain | String | Yes | Request Body parameters | Domain name |
| clientToken | String | Yes | Query parameter | Idempotence, for details, please see Idempotence |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| subDomainList | List |
Return to the list of available sub-domains of the user. The subDomain is the subdomain name and status is the subdomain status. |
Request example
PUT /v2/cdnwaf/querySubDomainList/waf-3a4b5c?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"domain": "test.com",
} Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
{
"subDomainList": [
{
"subDomain": "a.test.com", //Sub-domain in cdn
"status": 0| 1, //Sub-domain status, INT type: 0: No addition, 1: Added to the waf instance,
},
{...},
]
}Query the Configurable Sub-domains and the Number of Custom Rules
Interface description
- The waf designator needs to be specified
- The primary domain of cdn needs to be specified.
Request structure
GET /v{version}/cdnwaf/cdnWafRules/{waf_id}?clientToken={clientToken} HTTP/1.1
Host: bss.{region}.baidubce.com
Authorization: authorization string
{
Primary domain in "domain": "test.com", //cdn
} Request header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | Idempotence, for details, please see Idempotence |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| domainSum | Int | Number of subdomains |
| ruleSum | Int | Number of rules |
Request example
GET /v2/cdnwaf/cdnWafRules/waf-3a4b5c?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
HOST bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
{
"domainSum": DOMAINSUM, //Number of subdomains, int type: 10| 20| 30| 40| 50
"ruleSum": RULESUM, //Number of rules, int type: 20| 40| 60| 80| 100
} Configuration of WAF Rules Issued by CDN-WAF
Interface description
Configuration of rules for issuing WAF
Request structure
PUT /v2/cdnwaf/cdnWafConfig/{waf_id}?clientToken={clientToken}
Host: bss.{region}.baidubce.com
Authorization: authorization string
{
"domain": "test.com", //Primary domain: without http and https heads, only supporting upper and lower case letters, numbers, and -._.
"subDomain": [
"DOMAIN1", "DOMAIN2", "DOMAIN3",
], //Subdomain, the number of subdomains should be obtained according to config sum query.
"webSwitch": 0| 1, //web protection switch, INT type: 0: Close, 1: Enable
"webModel": {
"policy": "high| middle| low", //Policy level: high, middle, low
"type": "log| deny", //Executed policy: log: observation pattern, deny: interception pattern
},
"customSwitch": 0| 1, //Custom protection switch, INT type: 0: Close, 1: Enable
"customModel": [
{
"name": "NAME", //Policy name: only supports 1-65 numbers, upper and lower case letters, -/_., and must start with letters.
"pattern": "black| white", //Executed action: black: intercept, white: pass
"type": "log| deny", //Policy type: Log: observation pattern, deny: interception pattern. When the pattern is white, the type can be only log observation pattern.
"key": "KEY", //Matches, only supporting the several models: uri, ip, referer, user_agent, get_param
"match": ": MATCH", //Matched pattern: prefix| include| suffix
"value": "xxx", //Match contents: not supporting Chinese, supporting numbers, upper and lower case letters, -._.
},
],
} Request header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | Idempotence, for details, please see Idempotence |
| domain | String | Yes | Request Body parameters | Primary domain: without http and https heads, only supporting upper and lower case letters, and numbers. |
| subDomain | List |
Yes | Request Body parameters | List of sub-domains |
| webSwitch | Int | Yes | Request Body parameters | web protection switch, INT type: 0: Close, 1: Enable |
| webModel | Object | Yes | Request Body parameters | Configuration of interception policy of waf |
| customSwitch | Int | Yes | Request Body parameters | Custom protection switch, INT type: 0: Close, 1: Enable |
| customModel | List<CdnCustomRule> | Yes | Request Body parameters | Custom rules when the custom rule protection is enabled. |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
No special return parameters
Request example
PUT /v2/cdnwaf/cdnWafConfig/waf-3a4b5c?clientToken=be31b98c-5e41-4838-9830-9be700de5a20
Host bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02
{
"domain": "test.com", //Primary domain: without http and https heads, only supporting upper and lower case letters, numbers, and -._.
"subDomain": [
"DOMAIN1", "DOMAIN2", "DOMAIN3",
], //Subdomain, the number of subdomains should be obtained according to config sum query.
"webSwitch": 0| 1, //web protection switch, INT type: 0: Close, 1: Enable
"webModel": {
"policy": "high| middle| low", //Policy level: high, middle, low
"type": "log| deny", //Executed policy: log: observation pattern, deny: interception pattern
},
"customSwitch": 0| 1, //Custom protection switch, INT type: 0: Close, 1: Enable
"customModel": [
{
"name": "NAME", //Policy name: only supports 1-65 numbers, upper and lower case letters, -/_., and must start with letters.
"pattern": "black| white", //Executed action: black: intercept, white: pass
"type": "log| deny", //Policy type: Log: observation pattern, deny: interception pattern. When the pattern is white, the type can be only log observation pattern.
"key": "KEY", //Matches, only supporting the several models: uri, ip, referer, user_agent, get_param
"match": ": MATCH", //Matched pattern: prefix| include| suffix
"value": "xxx", //Match contents: not supporting Chinese, supporting numbers, upper and lower case letters, -._.
},
],
} Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8CDN-WAF is Queried to Query WAF Rule Configuration
Interface description
Configuration of rules for querying CDN-WAF
Request structure
GET /v2/cdnwaf/cdnWafConfig/{waf_id}?clientToken={clientToken}
Host: bss.{region}.baidubce.com
Authorization: authorization stringRequest header
There are no other special headers except the public headers.
Request parameter
| Parameter name | Type | Required or not | Parameter position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number (the current value is 2) |
| clientToken | String | Yes | Query parameter | Idempotence, for details, please see Idempotence |
Return status code
"200" for return successful and Error Code for return failed.
Return header
There are no other special headers except the public headers.
Return parameter
| Parameter name | Type | Description |
|---|---|---|
| domain | String | Primary domain: without http and https heads, only supporting upper and lower case letters, and numbers. |
| subDomain | List |
List of sub-domains |
| webSwitch | Int | web protection switch, INT type: 0: Close, 1: Enable |
| webModel | Object | Configuration of interception policy of waf |
| customSwitch | Int | Custom protection switch, INT type: 0: Close, 1: Enable |
| customModel | List<CdnCustomRule> | Custom rules when the custom rule protection is enabled. |
Request example
GET /v2/cdnwaf/cdnWafConfig/waf-3a4b5c?clientToken=be31b98c-5e41-4838-9830-9be700de5a20
Host bss.{region}.baidubce.com
Authorization bce-auth-v1/5e5a8adf11ae475ba95f1bd38228b44f/2016-04-10T08:26:52Z/1800/host;x-bce-date/ec3c0069f9abb1e247773a62707224124b2b31b4c171133677f9042969791f02Response example
HTTP/1.1 200 OK
x-bce-request-id: 946002ee-cb4f-4aad-b686-5be55df27f09
Date: Wed, 10 Apr 2016 08:26:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
{
"domain": "test.com", //Primary domain: without http and https heads, only supporting upper and lower case letters, numbers, and -._, with the upper limit of length of 256.
"subDomain": [
"DOMAIN1", "DOMAIN2", "DOMAIN3",
], //Subdomain, the number of subdomains should be obtained according to config sum query.
"status": "STATUS", //WAF instance status: available/paused/pausing/updating/deleting/deleted
"webSwitch": 0| 1, //web protection switch, INT type: 0: Close, 1: Enable
"webModel": {
"policy": "high| middle| low", //Policy level: high, middle, low
"type": "log| deny", //Executed policy: log: observation pattern, deny: interception pattern
},
"customSwitch": 0| 1, //Custom protection switch, INT type: 0: Close, 1: Enable
"customModel": [
{
"name": "NAME", //Policy name: only supports 16 numbers, upper and lower case letters, -/_.
"type": "log| deny", //Policy type: log: observation pattern, deny: interception pattern
"pattern": "black| white", //Executed action: black: intercept, white: pass
"key": "KEY", //Matches, only supporting the several models: uri, ip, referer, user_agent, get_param
"match": ": MATCH", //Matched pattern: prefix| include| suffix
"value": "xxx", //Match contents: not supporting Chinese, supporting numbers, upper and lower case letters, -._.
},
]
} Previous
BLB-WAF Related InterfaceNext
Appendix