You can call this operation to query the list of precise access control rules for a specified domain name.
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
Action | Boolean | No | DescribeAclRules |
The operation that you want to perform. Valid values: DescribeAclRules. |
CurrentPage | Integer | Yes | 1 |
The number of the page to return. For example, to query the returned results on the first page, enter 1. |
Domain | String | No | www.aliyun.com |
The domain that you want to add to WAF. |
InstanceId | String | No | waf_elasticity-cn-0xldbqtm005 |
The ID of the WAF instance. Note You can callDescribePayInfo to view your WAF instance ID.
|
PageSize | Integer | Yes | 10 |
The number of entries returned per page. |
Region | String | Yes | cn |
The ID of the region to which the WAF instance belongs. Set the value to:
|
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
RequestId | String | D7861F61-5B61-46CE-A47C-6B19160D5EB0 |
The ID of the request. |
Result |
The returned result. |
||
AclRules |
The list of HTTP-based ACL rules. Each ACL rule is described as a sub-parameter of AclRule. The AclRule sub-parameter is a JSON string. |
||
AclRule |
The list of HTTP-based ACL rules. Each ACL rule is described as a sub-parameter of AclRule. The AclRule sub-parameter is a JSON string. |
||
Action | Integer | 1 |
The matching action of the rule. Valid values:
|
Conditions |
The structure of rule matching conditions. |
||
condition |
The structure of rule matching conditions. |
||
Contain | String | 1 |
Logical operator:
|
Key | String | url |
The matching field. Valid values: IP, URL, Referer, User-Agent, Params, Cookie, Content-Type, X-Forwarded-For, Content-Length, Post-Body, Http-Method, and Header. Note Note: WAF instances of different versions support different fields. You can view the
supported fields in the Web Application Firewall console.
|
Value | String | login. |
The matching content. |
ContinueBlockGeo | Integer | 1 |
Indicates whether to continue region blocking. Valid values:
|
ContinueCc | Integer | 1 |
Indicates whether to proceed with the HTTP flood detection. Valid values:
|
ContinueDataRiskControl | Integer | 1 |
Indicates whether to continue data risk control protection. Valid values:
|
ContinueSA | Integer | 1 |
Indicates whether to perform the smart protection engine rule check. Valid values:
|
ContinueSdk | Integer | 1 |
Indicates whether to continue SDK protection. Valid values:
|
ContinueWaf | Integer | 1 |
Indicates whether to proceed with the Web attack protection rule detection. Valid values:
|
Id | Long | 1111 |
The ID of the ACL rule. |
IsDefault | Integer | 1 |
Indicates whether the rule is a default rule. Valid values:
|
Name | String | test |
The name of the rule. |
Order | Integer | 1 |
The order of the rules. Note Note: the greater the value, the higher the priority of the rule.
|
Total | Interger | 1 |
The total number of rules. |
Samples
Sample request
https://wafopenapi.cn-hangzhou.aliyuncs.com/? Action=DescribeAclRules
&Domain=www.aliyun.com
&CurrentPage=1
&PageSize=50
&Common request parameters
Sample success responses
XML
format
<DescribeAclRulesResponse>
<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>
<Result>
<AclRules>
<AclRule>
<IsDefault>1</IsDefault>
<Order>0</Order>
<ContinueBlockGeo>1</ContinueBlockGeo>
<Action>1</Action>
<ContinueWaf>1</ContinueWaf>
<ContinueSdk>0</ContinueSdk>
<Id>16572</Id>
<ContinueCc>1</ContinueCc>
<Conditions>
<condition>
<key>URL</key>
<contain>1</contain>
<value>asfas</value>
</condition>
</Conditions>
<Name>default</Name>
<ContinueDataRiskControl>1</ContinueDataRiskControl>
<ContinueSA>1</ContinueSA>
</AclRule>
</AclRules>
<Total>1</Total>
</Result>
</DescribeAclRulesResponse>
JSON
format
{
"Result":{
"AclRules":{
"AclRule":[
{
"Name":"default",
"Conditions":{
"condition":[
{
"contain":1,
"value":"asfas",
"key":"URL"
}
]
},
"ContinueDataRiskControl":1,
"Action":1,
"ContinueSdk":0,
"ContinueWaf":1,
"IsDefault":1,
"Order":0,
"Id":16572,
"ContinueCc":1,
"ContinueSA":1,
"ContinueBlockGeo":1
}
]
},
"Total":1
},
"RequestId":"D7861F61-5B61-46CE-A47C-6B19160D5EB0"
}
Error codes.
For a list of error codes, visit the API Error Center.