Web Application Firewall (WAF)

PreviousSecurity NextSSL/TLS

Last updated 1 month ago

Was this helpful?

Change WAF Resource Mode

PUThttps://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuid*string

The UUID of the organization

resource_uuid*string

The UUID of the resource

Body

resource_uuid*string

The UUID of the resource

waf_status*enum

The status of the WAF (on, detectiononly, off)

ondetectiononlyoff

type*string

The type of resource (should be 'waf')

Example: "waf"

waf_global_rulesarray of object

Response

WAF resource mode change successful

Body

statusboolean

Indicates whether the request was successful

Example: true

dataobject

Additional data about the request response

Request

const response = await fetch('https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "resource_uuid": "text",
      "waf_status": "on",
      "type": "waf",
      "waf_global_rules": [
        {
          "secruleid": "text",
          "status": "enabled"
        }
      ]
    }),
});
const data = await response.json();

Response

{
  "status": true,
  "data": {}
}

Delete WAF Rules

PUThttps://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuid*string

The UUID of the organization

resource_uuid*string

The UUID of the resource

Body

resource_uuid*string

The UUID of the resource

waf_status*enum

The status of the WAF (on, detectiononly, off)

ondetectiononlyoff

type*string

The type of resource (should be 'waf')

Example: "waf"

waf_rules*array of object

An empty array to indicate all rules should be deleted

Response

WAF rules deletion successful

Body

statusboolean

Indicates whether the request was successful

Example: true

dataobject

Additional data about the request response

Request

const response = await fetch('https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "resource_uuid": "****-***-****-****",
      "waf_status": "detectiononly",
      "type": "waf",
      "waf_rules": []
    }),
});
const data = await response.json();

Response

{
  "status": true,
  "data": {}
}

Create Custom WAF Rule

PUThttps://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuid*string

The UUID of the organization

resource_uuid*string

The UUID of the resource

Body

resource_uuid*string

The UUID of the resource

waf_status*enum

The status of the WAF (on, detectiononly, off)

ondetectiononlyoff

type*string

The type of resource (should be 'waf')

Example: "waf"

waf_rules*array of object

Response

Custom WAF rule creation successful

Body

statusboolean

Indicates whether the request was successful

Example: true

dataobject

Additional data about the request response

Request

const response = await fetch('https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "resource_uuid": "***-****-*****-****",
      "waf_status": "detectiononly",
      "type": "waf",
      "waf_rules": [
        {
          "rule_name": "rule1",
          "conditions": [
            {
              "field": "user_agent",
              "operator": "contain",
              "value": "test"
            }
          ],
          "rule_action": "block"
        },
        {
          "rule_name": "rule2",
          "conditions": [
            {
              "field": "request_protocol",
              "operator": "not_contain",
              "value": "test"
            }
          ],
          "rule_action": "block"
        },
        {
          "rule_name": "rule6",
          "conditions": [
            {
              "field": "client_ip",
              "operator": "match",
              "value": [
                "1.1.1.1",
                "2.2.2.2"
              ]
            }
          ],
          "rule_action": "allow"
        },
        {
          "rule_name": "rule7",
          "conditions": [
            {
              "field": "request_method",
              "operator": "within",
              "value": [
                "GET",
                "POST",
                "PUT"
              ]
            }
          ],
          "rule_action": "allow"
        }
      ]
    }),
});
const data = await response.json();

Response

{
  "status": true,
  "data": {}
}

Create WAF Resource

Creates a new WAF resource for the specified organization.

POSThttps://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource

Path parameters

organization_uuid*string

UUID of the organization

Body

resource_type*string

Example: "dynamic"

data_source*string

Example: "origin"

protocol*string

Example: "https"

origin_url*string

Example: "test.com"

server_name*string

Example: "domain.test.com"

resource_name*string

Example: "waf-213105900"

extensions*string

Example: "waf"

Response

WAF resource created successfully

Body

statusboolean

Example: true

dataobject

Request

const response = await fetch('https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "resource_type": "dynamic",
      "data_source": "origin",
      "protocol": "https",
      "origin_url": "test.com",
      "server_name": "domain.test.com",
      "resource_name": "waf-213105900",
      "extensions": "waf"
    }),
});
const data = await response.json();

Response

{
  "status": true,
  "data": {
    "resource_uuid": "****-****-****-****",
    "resource_type": "dynamic",
    "resource_name": "waf-213105900",
    "cdn_url": "waf-213105900.mncdn.org",
    "resource_label": null,
    "ssl_certificate": "sni",
    "created_at": "2023-12-15T18:31:06.000000Z",
    "data_source": "origin",
    "server_name": "domain.test.com",
    "protocol": "https",
    "origin_url": "test.com",
    "gzip_text": false,
    "gzip_image": false,
    "brotli": false,
    "image_optimization": false,
    "webp": true,
    "avif": null,
    "http2": true,
    "status_qs": false,
    "status_secure_token": false
  }
}