Web Application Firewall (WAF)

Manage WAF resources, modes, and custom rules through the Security API.

Create WAF Resource

post

Creates a new WAF-enabled CDN Resource for the specified organization.

Path parameters

organization_uuidstringRequired

UUID of the organization.

Body

resource_typestringRequiredExample: dynamic

data_sourcestringRequiredExample: origin

protocolstringRequiredExample: https

origin_urlstringRequiredExample: test.com

server_namestringRequiredExample: domain.test.com

resource_namestringRequiredExample: waf-213105900

extensionsstringRequiredExample: waf

Responses

200

WAF resource created successfully.

application/json

post

/api/v1/cdn/{organization_uuid}/resource

POST /api/v1/cdn/{organization_uuid}/resource HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 176

{
  "resource_type": "dynamic",
  "data_source": "origin",
  "protocol": "https",
  "origin_url": "test.com",
  "server_name": "domain.test.com",
  "resource_name": "waf-213105900",
  "extensions": "waf"
}

200

WAF resource created successfully.

{
  "status": true,
  "data": {
    "resource_uuid": "****-****-****-****",
    "resource_type": "dynamic",
    "resource_name": "waf-213105900",
    "cdn_url": "waf-213105900.mncdn.org",
    "ssl_certificate": "sni",
    "created_at": "2023-12-15T18:31:06Z",
    "data_source": "origin",
    "server_name": "domain.test.com",
    "protocol": "https",
    "origin_url": "test.com"
  }
}

Change WAF Resource Mode

put

Switch between detection, active, or disabled modes for the WAF.

Path parameters

organization_uuidstringRequired

UUID of the organization.

resource_uuidstringRequired

UUID of the WAF resource.

Body

resource_uuidstringRequired

waf_statusstring · enumRequired

WAF operating mode.

Possible values:

typestringRequiredExample: waf

Responses

200

WAF resource mode changed successfully.

application/json

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 126

{
  "resource_uuid": "text",
  "waf_status": "on",
  "type": "waf",
  "waf_global_rules": [
    {
      "secruleid": "text",
      "status": "enabled",
      "score": 1
    }
  ]
}

200

WAF resource mode changed successfully.

{
  "status": true,
  "data": {}
}

Create or Update Custom WAF Rules

put

Define or modify custom WAF rules, including conditions and actions.

Path parameters

organization_uuidstringRequired

UUID of the organization.

resource_uuidstringRequired

UUID of the WAF resource.

Body

resource_uuidstringRequired

waf_statusstring · enumRequiredPossible values:

typestringRequiredExample: waf

Responses

200

Custom WAF rule creation successful.

application/json

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}/rules

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid}/rules HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 186

{
  "resource_uuid": "text",
  "waf_status": "on",
  "type": "waf",
  "waf_rules": [
    {
      "rule_name": "text",
      "conditions": [
        {
          "field": "user_agent",
          "operator": "contain",
          "value": "text"
        }
      ],
      "rule_action": "allow"
    }
  ]
}

200

Custom WAF rule creation successful.

{
  "status": true,
  "data": {}
}

Delete All Custom WAF Rules

delete

Removes all defined custom rules for the WAF resource.

Path parameters

organization_uuidstringRequired

UUID of the organization.

resource_uuidstringRequired

UUID of the WAF resource.

Body

resource_uuidstringRequired

waf_statusstring · enumRequiredPossible values:

typestringRequiredExample: waf

waf_rulesobject[]Required

Empty array deletes all WAF rules.

Responses

200

WAF rules deleted successfully.

application/json

delete

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}/rules

DELETE /api/v1/cdn/{organization_uuid}/resource/{resource_uuid}/rules HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 95

{
  "resource_uuid": "****-***-****-****",
  "waf_status": "detectiononly",
  "type": "waf",
  "waf_rules": []
}

200

WAF rules deleted successfully.

{
  "status": true,
  "data": {}
}

PreviousSecurity NextSSL/TLS

Last updated 1 month ago

Was this helpful?