Create CC Protection Rule
Create a new CC Protection.
Request
Request-Line
POST /waap/v1.0/waf/ccProtections HTTP/1.1
Request Parameters
Body Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| name | String | Mandatory | Name of the CC Protection.The name must have 1-26 characters. Valid characters: 0-9, A-Z, a-z, space, . (dot), _ (underline), - (hyphen), () (parentheses), * (asterisk) and + (plus sign). |
| description | String | Optional | The description can have 1-200 characters. |
| rateLimitTimes | Integer | Mandatory | The maximum number of requests allowed within the specified time. |
| rateLimitSeconds | Integer | Mandatory | List of website IDs to bind the CC Protection to. At least one ID is required. |
| metric | String | Mandatory | The strategy used for calculating the metrics. Supported values: IP, User-Agent and Cookie. |
| cumulativeEnabled | Boolean | Mandatory | Indicates whether cumulative calculation is enabled. If true, request counts are aggregated across all paths; if false, counts are calculated per path. Default is true if omitted. |
| paths | String[] | Mandatory | A list of URL paths to which the rule applies. Supports multiple entries and regular expressions. |
| action | String | Mandatory | Defines the operation executed when the rule is triggered. Supported values include Block, Redirect and Pass. |
| delay | Integer | Mandatory | The delay, in seconds, before the configured action is applied after the threshold is reached. |
| blockValue | Integer | Optional | The HTTP status code to return when the action is set to Block. |
| redirectValue | String | Optional | The URL or path to redirect requests to when the action is configured as Redirect. |
| autoWebAclDurationSeconds | Integer | Mandatory | The duration, in seconds, for which an offending IP address remains in the Web ACL after being added. |
| websites | Integer[] | Mandatory | List of website identifiers to which this rule is bound. |
Response
Response Body
| Property name | Type | Required | Description |
|---|---|---|---|
| ruleId | Integer | Mandatory | Unique identifier assigned to the created CC Protection. |
Status Codes, Error Codes and Error Messages
| Status Code | Error Code | Error Message |
|---|---|---|
| 400 | Request.BadRequest | Bad request. |
| 400 | Name.Invalid | Name is empty or invalid. |
| 400 | Websites.Invalid | Websites is empty or invalid. |
| 400 | RateLimitTimes.Invalid | RateLimitTimes is empty or invalid. |
| 400 | RateLimitSeconds.Invalid | RateLimitSeconds is empty or invalid. |
| 400 | Metric.Invalid | Metric is empty or invalid. |
| 400 | Action.Invalid | Action is empty or invalid. |
| 400 | Delay.Invalid | Delay is empty or invalid. |
| 400 | BlockValue.Invalid | BlockValue is empty or invalid. |
| 400 | Description.Invalid | Description is empty or invalid. |
| 400 | AutoWebAclDurationSeconds.Invalid | AutoWebAclDurationSeconds is empty or invalid. |
| 400 | RedirectValue.Invalid | RedirectValue is empty or invalid. |
| 400 | Paths.Invalid | Paths is empty or invalid. |
| 404 | Website.NotFound | Website is not found. |
Examples
Create CC Protection Rule
Request
POST /waap/v1.0/waf/ccProtections HTTP/1.1
{
"name": "test",
"description": "",
"rateLimitTimes": 100,
"rateLimitSeconds": 1,
"metric": "IP",
"cumulativeEnabled": true,
"paths": [
"/test"
],
"action": "Block",
"delay": 0,
"blockValue": 429,
"redirectValue": "/test",
"autoWebAclDurationSeconds": 600,
"websites": [101, 102]
}
Successful Response Body
{
"ruleId": 55
}