Create Web Access Control Rule
Create a new web access control rule and binds it to one or more websites.
Request
Request-Line
POST /waap/v1.0/pbrStrategy/webAccessControls HTTP/1.1
Request Parameters
Body Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| name | String | Mandatory | Rule name for web access control. |
| description | String | Optional | The description can have 1-200 characters. |
| pathOperator | String | Mandatory | Matching operator used to evaluate the request path. Supported values: equal, notEqual, contain, notContain, beginsWith, notBeginsWith, endsWith, notEndsWith, regex, notMatchRegex, include, exclude. |
| pathPattern | String | Mandatory | The path pattern to be matched against the request URI. The interpretation depends on pathOperator. For example, when pathOperator is contain, the rule triggers if the request path contains this value. |
| keyType | String | Mandatory | The request attribute used for matching. Supported values: ip, fingerprint, userAgent, cookieId. |
| keyValue | String[] | Mandatory | One or more values used to match against the selected keyType. Multiple values can be provided. |
| keyRegex | Boolean | Optional | Indicates whether keyValue should be interpreted as a regular expression. This field is only applicable when keyType is fingerprint, userAgent, or cookieId. Default is false. |
| devType | String[] | Mandatory | Specifies the device types that the rule applies to. Supported values: pc, mac, mobile. Multiple device types can be selected. |
| triggeringProbability | Integer | Mandatory | The probability (in percentage) that the configured action will be triggered when the request matches the rule. Supported values: 100, 90, 80, 70, 60, 50, 40, 30, 20, 10. |
| autoListKey | String | Mandatory | The key type used by Auto-Web ACL to automatically control request access. Supported values: ip, fingerprint. |
| autoListDuration | Integer | Mandatory | The duration (in seconds) that the key will remain in the Auto-Web ACL once triggered. The valid range is 0 to 600000. |
| websites | Integer[] | Mandatory | List of website IDs the rule applies to. |
Response
Response Body
| Parameter | Type | Description |
|---|---|---|
| ruleId | Integer | Unique identifier assigned to the created web access control rule. |
Status Codes, Error Codes and Error Messages
| Status Code | Error Code | Error Message |
|---|---|---|
| 400 | Request.BadRequest | Bad request. |
| 400 | Name.Invalid | Name is empty or invalid. |
| 400 | PathOperator.Invalid | PathOperator is empty or invalid. |
| 400 | PathPattern.Invalid | PathPattern is empty or invalid. |
| 400 | KeyType.Invalid | KeyType is empty or invalid. |
| 400 | KeyValue.Invalid | KeyValue is empty or invalid. |
| 400 | DevType.Invalid | DevType is empty or invalid. |
| 400 | TriggeringProbability.Invalid | TriggeringProbability is empty or invalid. |
| 400 | AutoListKey.Invalid | AutoListKey is empty or invalid. |
| 400 | AutoListDuration.Invalid | AutoListDuration is empty or invalid. |
| 404 | Website.NotFound | Website is not found. |
Examples
Create Web Access Control Rule
Request
POST /waap/v1.0/pbrStrategy/webAccessControls HTTP/1.1
{
"name": "test",
"description": "test",
"pathOperator": "endsWith",
"pathPattern": "/test",
"keyType": "userAgent",
"keyValue": [
"test"
],
"keyRegex": false,
"devType": [
"pc",
"mac",
"mobile"
],
"triggeringProbability": 10,
"autoListKey": "ip",
"autoListDuration": 60,
"websites": []
}
Successful Response Body
{
"ruleId": 261700,
}