Create Rate Limiting Rule

Create a new rate limiting rule and binds it to one or more websites.

Request

Request-Line

POST /waap/v1.0/pbrStrategy/rateLimitings HTTP/1.1

Request Parameters

Body Parameters

Parameter	Type	Required	Description
name	String	Mandatory	Rule name for web access control.
description	String	Optional	The description can have 1-200 characters.
pathOperator	String	Mandatory	Matching operator used to evaluate the request path. Supported values: equal, notEqual, contain, notContain, beginsWith, notBeginsWith, endsWith, notEndsWith, regex, notMatchRegex, include, exclude.
pathPattern	String	Mandatory	The path pattern to be matched against the request URI. The interpretation depends on pathOperator. For example, when pathOperator is contain, the rule triggers if the request path contains this value.
keyType	String	Mandatory	The request attribute used for matching. Supported values: ip, fingerprint, cookieId.
rateLimitType	String	Mandatory	Specifies the rate limiting mode. Supported values: rate (Queries per second) or timeWindow (Queries per Time Window).
rate	Integer	Optional	The maximum number of requests allowed per second. The valid range is 1 to 65535. Required when rateLimitType is rate.
burst	Integer	Optional	The maximum burst capacity above the configured rate. The valid range is 0 to 65535. Required when rateLimitType is rate.
windowUnit	String	Optional	The time unit of the rate limit window. Supported values: second, minute, hour. Required when rateLimitType is timeWindow.
maxRequests	Integer	Optional	The maximum number of requests allowed within the specified time window. The valid range is 1 to 65535. Required when rateLimitType is timeWindow.
devType	String[]	Mandatory	Specifies the device types that the rule applies to. Supported values: pc, mac, mobile. Multiple device types can be selected.
triggeringProbability	Integer	Mandatory	The probability (in percentage) that the configured action will be triggered when the request matches the rule. Supported values: 100, 90, 80, 70, 60, 50, 40, 30, 20, 10.
autoListKey	String	Mandatory	The key type used by Auto-Web ACL to automatically control request access. Supported values: ip, fingerprint.
autoListDuration	Integer	Mandatory	The duration (in seconds) that the key will remain in the Auto-Web ACL once triggered. The valid range is 0 to 600000.
websites	Integer[]	Mandatory	List of website IDs the rule applies to.

Response

Response Body

Parameter	Type	Description
ruleId	Integer	Unique identifier assigned to the created rate limiting rule.

Status Codes, Error Codes and Error Messages

Status Code	Error Code	Error Message
400	Request.BadRequest	Bad request.
400	Name.Invalid	Name is empty or invalid.
400	PathOperator.Invalid	PathOperator is empty or invalid.
400	PathPattern.Invalid	PathPattern is empty or invalid.
400	KeyType.Invalid	KeyType is empty or invalid.
400	RateLimitType.Invalid	RateLimitType is empty or invalid.
400	Rate.Invalid	Rate is empty or invalid.
400	Burst.Invalid	Burst is empty or invalid.
400	WindowUnit.Invalid	WindowUnit is empty or invalid.
400	MaxRequests.Invalid	MaxRequests is empty or invalid.
400	DevType.Invalid	DevType is empty or invalid.
400	TriggeringProbability.Invalid	TriggeringProbability is empty or invalid.
400	AutoListKey.Invalid	AutoListKey is empty or invalid.
400	AutoListDuration.Invalid	AutoListDuration is empty or invalid.
404	Website.NotFound	Website is not found.

Examples

Create Rate Limiting Rule

Request

POST /waap/v1.0/pbrStrategy/ratelimitings HTTP/1.1

{
    "name": "test111",
    "description": "test111",
    "pathOperator": "contain",
    "pathPattern": "/test",
    "keyType": "ip",
    "rateLimitType": "rate",
    "rate": 100,
    "burst": 100,
    "windowUnit": "minute",
    "maxRequests": 0,
    "devType": [
        "pc",
        "mac",
        "mobile"
    ],
    "triggeringProbability": 90,
    "autoListKey": "fingerprint",
    "autoListDuration": 111,
    "websites": []
}

Successful Response Body

{
    "ruleId": 261700,
}