Modify Automatic Blocking Rules - ModifyAutoWafDomainBlackList
Overview
Modify the automatic interception rules, when an attack is detected, automatically add the source IP of the visit to the blacklist.
Definition
Public Parameters
| Parameter Name | Type | Description Information | Required |
|---|---|---|---|
| Action | string | Corresponding API command name, the current API is ModifyAutoWafDomainBlackList. | Yes |
| PublicKey | string | The user's public key can be obtained from Console (opens in a new tab) | Yes |
| Signature | string | User signature generated based on public key and API command, see Signature Algorithm | Yes |
Request Parameters
| Parameter Name | Type | Description Information | Required |
|---|---|---|---|
| ProjectId | string | Project ID. If not filled in, the default project is used, sub-accounts must be filled in. Please refer to the GetProjectList interface. | No |
| ID | int | ID of the auto-block rule that needs to be modified | Yes |
| FullDomain | string | The domain name for defense can only be selected from the added domain names. | Yes |
| AttackType | string | Attack types, by default all attack types are counted, optional values: all|protocol|xss|sql|loopholes|exec|webshell|eaa|infoleak|scan|cc|other etc. | No |
| ActionType | string | Action after detecting an attack, default is forbidden, captcha is supported | No |
| ExpireTime | int | After the rule takes effect, add the expiration time for the blacklist, in minutes. 0 means it is always valid, default is 60 minutes. | No |
| AttackCount | int | Attack threshold, default is 10 | No |
| Interval | int | Attack statistics interval, in seconds, default is 60 seconds | No |
Response Field
| Field Name | Type | Description Information | Required |
|---|---|---|---|
| RetCode | int | Return status code. If it is 0, it means successful return. If it is not 0, it means failure. | Yes |
| Action | string | Operation command name. | Yes |
| Message | string | Returns an error message, providing detailed description when RetCode is non-zero. | No |
Example
Request Example
https://api.surfercloud.com/?Action=ModifyAutoWafDomainBlackList
&ProjectId=org-xxx
&ID=2
&FullDomain=www.test.com
&ActionType=forbidden
&ExpireTime=60
&AttackCount=10
&AttackType=eaa
&Interval=60Response Example
{
"Action": "ModifyAutoWafDomainBlackListResponse",
"RetCode": 0
}