Web Application Firewall (WAF)

PreviousSecurity NextSSL/TLS

Last updated 4 months ago

Was this helpful?

Change WAF Resource Mode

put

Path parameters

organization_uuidstringRequired

The UUID of the organization

resource_uuidstringRequired

The UUID of the resource

Body

resource_uuidstringRequired

The UUID of the resource

waf_statusstring · enumRequired

The status of the WAF (on, detectiononly, off)

Possible values:

typestringRequired

The type of resource (should be 'waf')

Example: waf

Responses

200

WAF resource mode change successful

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 126

{
  "resource_uuid": "text",
  "waf_status": "on",
  "type": "waf",
  "waf_global_rules": [
    {
      "secruleid": "text",
      "status": "enabled",
      "score": 1
    }
  ]
}

200

WAF resource mode change successful

{
  "status": true,
  "data": {}
}

Create WAF Resource

post

Creates a new WAF resource for the specified organization.

Path parameters

organization_uuidstringRequired

UUID of the organization

Body

resource_typestringRequiredExample: dynamic

data_sourcestringRequiredExample: origin

protocolstringRequiredExample: https

origin_urlstringRequiredExample: test.com

server_namestringRequiredExample: domain.test.com

resource_namestringRequiredExample: waf-213105900

extensionsstringRequiredExample: waf

Responses

200

WAF resource created successfully

application/json

post

POST /api/v1/cdn/{organization_uuid}/resource HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 176

{
  "resource_type": "dynamic",
  "data_source": "origin",
  "protocol": "https",
  "origin_url": "test.com",
  "server_name": "domain.test.com",
  "resource_name": "waf-213105900",
  "extensions": "waf"
}

200

WAF resource created successfully

{
  "status": true,
  "data": {
    "resource_uuid": "****-****-****-****",
    "resource_type": "dynamic",
    "resource_name": "waf-213105900",
    "cdn_url": "waf-213105900.mncdn.org",
    "resource_label": null,
    "ssl_certificate": "sni",
    "created_at": "2023-12-15T18:31:06.000000Z",
    "data_source": "origin",
    "server_name": "domain.test.com",
    "protocol": "https",
    "origin_url": "test.com",
    "gzip_text": false,
    "gzip_image": false,
    "brotli": false,
    "image_optimization": false,
    "webp": true,
    "avif": null,
    "http2": true,
    "status_qs": false,
    "status_secure_token": false
  }
}

Delete WAF Rules

put

Path parameters

organization_uuidstringRequired

The UUID of the organization

resource_uuidstringRequired

The UUID of the resource

Body

resource_uuidstringRequired

The UUID of the resource

waf_statusstring · enumRequired

The status of the WAF (on, detectiononly, off)

Possible values:

typestringRequired

The type of resource (should be 'waf')

Example: waf

waf_rulesobject[]Required

An empty array to indicate all rules should be deleted

Responses

200

WAF rules deletion successful

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 95

{
  "resource_uuid": "****-***-****-****",
  "waf_status": "detectiononly",
  "type": "waf",
  "waf_rules": []
}

200

WAF rules deletion successful

{
  "status": true,
  "data": {}
}

Create Custom WAF Rule

put

Path parameters

organization_uuidstringRequired

The UUID of the organization

resource_uuidstringRequired

The UUID of the resource

Body

resource_uuidstringRequired

The UUID of the resource

waf_statusstring · enumRequired

The status of the WAF (on, detectiononly, off)

Possible values:

typestringRequired

The type of resource (should be 'waf')

Example: waf

Responses

200

Custom WAF rule creation successful

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 606

{
  "resource_uuid": "***-****-*****-****",
  "waf_status": "detectiononly",
  "type": "waf",
  "waf_rules": [
    {
      "rule_name": "rule1",
      "conditions": [
        {
          "field": "user_agent",
          "operator": "contain",
          "value": "test"
        }
      ],
      "rule_action": "block"
    },
    {
      "rule_name": "rule2",
      "conditions": [
        {
          "field": "request_protocol",
          "operator": "not_contain",
          "value": "test"
        }
      ],
      "rule_action": "block"
    },
    {
      "rule_name": "rule6",
      "conditions": [
        {
          "field": "client_ip",
          "operator": "match",
          "value": [
            "1.1.1.1",
            "2.2.2.2"
          ]
        }
      ],
      "rule_action": "allow"
    },
    {
      "rule_name": "rule7",
      "conditions": [
        {
          "field": "request_method",
          "operator": "within",
          "value": [
            "GET",
            "POST",
            "PUT"
          ]
        }
      ],
      "rule_action": "allow"
    }
  ]
}

200

Custom WAF rule creation successful

{
  "status": true,
  "data": {}
}