Web Application Firewall (WAF)

Manage WAF resources, modes, and custom rules through the Security API.

Use the WAF endpoints to create WAF-enabled CDN Resources, change WAF operating mode, and manage custom WAF rules.

Create WAF Resource

post

Creates a CDN Resource with Web Application Firewall (WAF) enabled.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

organization_uuidstringRequired

Unique identifier of the organization.

Body

resource_typestringRequiredExample: dynamic

data_sourcestringRequiredExample: origin

protocolstringRequiredExample: https

origin_urlstringRequiredExample: test.com

server_namestringRequiredExample: domain.test.com

resource_namestringRequiredExample: waf-213105900

extensionsstringRequiredExample: waf

Responses

200

Returns the created WAF-enabled CDN Resource.

application/json

post

/api/v1/cdn/{organization_uuid}/resource

POST /api/v1/cdn/{organization_uuid}/resource HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 176

{
  "resource_type": "dynamic",
  "data_source": "origin",
  "protocol": "https",
  "origin_url": "test.com",
  "server_name": "domain.test.com",
  "resource_name": "waf-213105900",
  "extensions": "waf"
}

200

Returns the created WAF-enabled CDN Resource.

{
  "status": true,
  "data": {
    "resource_uuid": "****-****-****-****",
    "resource_type": "dynamic",
    "resource_name": "waf-213105900",
    "cdn_url": "waf-213105900.mncdn.org",
    "ssl_certificate": "sni",
    "created_at": "2023-12-15T18:31:06Z",
    "data_source": "origin",
    "server_name": "domain.test.com",
    "protocol": "https",
    "origin_url": "test.com"
  }
}

Update WAF Mode

put

Updates the operating mode of the Web Application Firewall (WAF) for the specified Resource.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

organization_uuidstringRequired

Unique identifier of the organization.

resource_uuidstringRequired

Unique identifier of the WAF-enabled CDN Resource.

Body

resource_uuidstringRequired

waf_statusstring · enumRequired

WAF operating mode.

Possible values:

typestringRequiredExample: waf

Responses

200

Returns a confirmation indicating that the WAF mode was updated.

application/json

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 126

{
  "resource_uuid": "text",
  "waf_status": "on",
  "type": "waf",
  "waf_global_rules": [
    {
      "secruleid": "text",
      "status": "enabled",
      "score": 1
    }
  ]
}

200

Returns a confirmation indicating that the WAF mode was updated.

{
  "status": true,
  "data": {}
}

Create or Update Custom WAF Rules

put

Creates or updates custom WAF rules for the specified Resource.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

organization_uuidstringRequired

Unique identifier of the organization.

resource_uuidstringRequired

Unique identifier of the WAF-enabled CDN Resource.

Body

resource_uuidstringRequired

waf_statusstring · enumRequiredPossible values:

typestringRequiredExample: waf

Responses

200

Returns a confirmation indicating that the custom WAF rules were applied.

application/json

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}/rules

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid}/rules HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 186

{
  "resource_uuid": "text",
  "waf_status": "on",
  "type": "waf",
  "waf_rules": [
    {
      "rule_name": "text",
      "conditions": [
        {
          "field": "user_agent",
          "operator": "contain",
          "value": "text"
        }
      ],
      "rule_action": "allow"
    }
  ]
}

200

Returns a confirmation indicating that the custom WAF rules were applied.

{
  "status": true,
  "data": {}
}

Delete All Custom WAF Rules

delete

Deletes all custom WAF rules associated with the specified Resource.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

organization_uuidstringRequired

Unique identifier of the organization.

resource_uuidstringRequired

Unique identifier of the WAF-enabled CDN Resource.

Body

resource_uuidstringRequired

waf_statusstring · enumRequiredPossible values:

typestringRequiredExample: waf

waf_rulesobject[]Required

Provide an empty array to delete all custom WAF rules.

Responses

200

Returns a confirmation indicating that all custom WAF rules were deleted.

application/json

delete

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}/rules

DELETE /api/v1/cdn/{organization_uuid}/resource/{resource_uuid}/rules HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 95

{
  "resource_uuid": "****-***-****-****",
  "waf_status": "detectiononly",
  "type": "waf",
  "waf_rules": []
}

200

Returns a confirmation indicating that all custom WAF rules were deleted.

{
  "status": true,
  "data": {}
}

PreviousSecurity NextSSL/TLS

Last updated 15 days ago

Was this helpful?