Create Automatic Interception Strategy Interface - AddAutoWafDomainBlackList
Overview
When an attack is detected, the source IP of the access is automatically added to the blacklist.
Definition
Public Parameters
| Parameter Name | Type | Description Information | Required |
|---|---|---|---|
| Action | string | Corresponding API command name, the current API is AddAutoWafDomainBlackList. | Yes |
| PublicKey | string | The user's public key can be obtained from Console (opens in a new tab) | Yes |
| Signature | string | User signature generated based on public key and API command, see Signature Algorithm | Yes |
Request Parameters
| Parameter Name | Type | Description Information | Required |
|---|---|---|---|
| ProjectId | string | Project ID. If not filled in, the default project is used, sub-accounts must be filled in. Please refer to the GetProjectList interface. | No |
| FullDomain | string | The domain name for defense can only be selected from the added domain names. | Yes |
| AttackType | string | Attack statistics type, all selected by default; Parameter options: protocol: Protocol violation, xss: XSS attack, sql: SQL injection, loopholes: Vulnerability attack, exec: Command execution, webshell: WebShell upload, eaa: Unauthorized access, infoleak: Information leakage, scan: Malicious scanning, cc: CC attack, other: Others | No |
| ActionType | string | Action after detecting an attack, default is forbidden, captcha is supported | No |
| ExpireTime | int | Set the expiration time for adding to the blacklist, in minutes. 0 means it is always valid, default is 60 minutes. | No |
| AttackCount | int | Attack threshold, default is 10 | No |
| Interval | int | Attack statistics interval, in seconds, default is 60 seconds | No |
Response Field
| Field Name | Type | Description Information | Required |
|---|---|---|---|
| RetCode | int | Return status code. If it is 0, it means successful return. If it is not 0, it means failure. | Yes |
| Action | string | Operation command name. | Yes |
| Message | string | Returns an error message, providing detailed description when RetCode is non-zero. | No |
| Id | int | The returned policy ID after successful addition | No |
Example
Request Example
https://api.surfercloud.com/?Action=AddAutoWafDomainBlackList
&ProjectId=org-xxx
&FullDomain=www.test.com
&ActionType=forbidden
&State=Enable
&ExpireTime=60
&AttackCount=10
&Interval=60Response Example
{
"Action": "AddAutoWafDomainBlackListResponse",
"Id": 8,
"RetCode": 0
}