Web Application Firewall (WAF)

PreviousSecurity NextSSL/TLS

Last updated 2 months ago

Was this helpful?

Change WAF Resource Mode

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuidstringrequired

The UUID of the organization

resource_uuidstringrequired

The UUID of the resource

Body

resource_uuidstringrequired

The UUID of the resource

waf_statusstring · enumrequired

The status of the WAF (on, detectiononly, off)

Options: on, detectiononly, off

typestringrequired

The type of resource (should be 'waf')

Example: waf

waf_global_rulesobject[]

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "resource_uuid": "text",
    "waf_status": "on",
    "type": "waf",
    "waf_global_rules": [
      {
        "secruleid": "text",
        "status": "enabled",
        "score": 1
      }
    ]
  }'

200

{
  "status": true,
  "data": {}
}

WAF resource mode change successful

curl -L \
  --request POST \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource' \
  --header 'Content-Type: application/json' \
  --data '{
    "resource_type": "dynamic",
    "data_source": "origin",
    "protocol": "https",
    "origin_url": "test.com",
    "server_name": "domain.test.com",
    "resource_name": "waf-213105900",
    "extensions": "waf"
  }'

{
  "status": true,
  "data": {
    "resource_uuid": "****-****-****-****",
    "resource_type": "dynamic",
    "resource_name": "waf-213105900",
    "cdn_url": "waf-213105900.mncdn.org",
    "resource_label": null,
    "ssl_certificate": "sni",
    "created_at": "2023-12-15T18:31:06.000000Z",
    "data_source": "origin",
    "server_name": "domain.test.com",
    "protocol": "https",
    "origin_url": "test.com",
    "gzip_text": false,
    "gzip_image": false,
    "brotli": false,
    "image_optimization": false,
    "webp": true,
    "avif": null,
    "http2": true,
    "status_qs": false,
    "status_secure_token": false
  }
}

Create Custom WAF Rule

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuidstringrequired

The UUID of the organization

resource_uuidstringrequired

The UUID of the resource

Body

resource_uuidstringrequired

The UUID of the resource

waf_statusstring · enumrequired

The status of the WAF (on, detectiononly, off)

Options: on, detectiononly, off

typestringrequired

The type of resource (should be 'waf')

Example: waf

waf_rulesobject[]required

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "resource_uuid": "***-****-*****-****",
    "waf_status": "detectiononly",
    "type": "waf",
    "waf_rules": [
      {
        "rule_name": "rule1",
        "conditions": [
          {
            "field": "user_agent",
            "operator": "contain",
            "value": "test"
          }
        ],
        "rule_action": "block"
      },
      {
        "rule_name": "rule2",
        "conditions": [
          {
            "field": "request_protocol",
            "operator": "not_contain",
            "value": "test"
          }
        ],
        "rule_action": "block"
      },
      {
        "rule_name": "rule6",
        "conditions": [
          {
            "field": "client_ip",
            "operator": "match",
            "value": [
              "1.1.1.1",
              "2.2.2.2"
            ]
          }
        ],
        "rule_action": "allow"
      },
      {
        "rule_name": "rule7",
        "conditions": [
          {
            "field": "request_method",
            "operator": "within",
            "value": [
              "GET",
              "POST",
              "PUT"
            ]
          }
        ],
        "rule_action": "allow"
      }
    ]
  }'

200

{
  "status": true,
  "data": {}
}

Custom WAF rule creation successful

Delete WAF Rules

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuidstringrequired

The UUID of the organization

resource_uuidstringrequired

The UUID of the resource

Body

resource_uuidstringrequired

The UUID of the resource

waf_statusstring · enumrequired

The status of the WAF (on, detectiononly, off)

Options: on, detectiononly, off

typestringrequired

The type of resource (should be 'waf')

Example: waf

waf_rulesobject[]required

An empty array to indicate all rules should be deleted

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "resource_uuid": "****-***-****-****",
    "waf_status": "detectiononly",
    "type": "waf",
    "waf_rules": []
  }'

200

{
  "status": true,
  "data": {}
}

WAF rules deletion successful

Change WAF Resource Mode

Show child attributes

Create WAF Resource

Create Custom WAF Rule

Show child attributes

Delete WAF Rules