ConfigWebCCRuleV2 - Anti-DDoS - Alibaba Cloud Documentation Center

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

No authorization for this operation. If you encounter issues with this operation, contact technical support.

Request parameters

Parameter	Type	Required	Description	Example
Domain	string	Yes	The domain name of the website. Note A forwarding rule must be configured for the domain name. You can call DescribeDomains to query all domain names.	www.example.com
RuleList	string	Yes	The configurations of the frequency control rule, in a JSON-formatted string. The string contains the following fields. action: String. Required. The action to take. Valid values: block: Block requests. challenge: Perform a JavaScript Challenge. watch: Monitor requests. name: String. Required. The name of the rule. condition: Map. Required. The match condition. The value is a JSON object that contains the following fields. Note If you specify multiple match conditions, the logical relationship between these conditions is AND. field: String. Required. The match field. match_method: String. Required. The match method. Note For more information about the valid values of field and match_method, see the supplementary description that follows this table. header_name: String. Optional. The name of the custom HTTP header field. Note This parameter takes effect only when field is set to header. content: String. Required. The match content. ratelimit: String. Required. The rate limiting settings used to collect statistics based on IP addresses or custom headers. The value is a JSON object that contains the following fields. interval: Integer. Required. The statistical duration, in seconds. ttl: Integer. Required. The period of time during which the action takes effect, in seconds. threshold: Integer. Required. The threshold. Unit: times. subkey: String. Optional. The name of the field. This parameter is required only when the statistical source is a header. target: String. Required. The statistical source. Valid values: ip and header. status_code: String. Optional. The status code settings used to collect statistics based on the number or frequency of status codes. The value is a JSON object that contains the following fields. enabled: Boolean. Required. Specifies whether to enable status code statistics. code: Integer. Required. The status code. Valid values: 100 to 599. use_ratio: Boolean. Required. Specifies whether to use a ratio. If this parameter is set to true, ratio_threshold is required. ratio_threshold: Integer. Optional. The ratio of status codes. If use_ratio is true, the action is triggered only when the ratio of the specified status code reaches the ratio_threshold value. Valid values: 1 to 100. count_threshold: Integer. Optional. The number of status codes. If use_ratio is not true, the action is triggered only when the number of the specified status code reaches the count_threshold value. Valid values: 2 to 50000. statistics: String. Optional. The deduplication settings. By default, statistics are not deduplicated. The value is a JSON object that contains the following fields. mode: String. Required. The mode for deduplication. Valid values: count: Does not remove duplicates. distinct: Removes duplicates. field: String. Required. The statistical source. For deduplication, only ip, header, and uri are supported. header_name: String. Optional. The name of the field. This parameter is required only when the statistical source is a header.	[{"action":"block","name":"trdsss","statistics":{"mode":"count","field":"header","header_name":"hahah"},"ratelimit":{"interval":60,"ttl":300,"threshold":70,"target":"ip"},"status_code":{"enabled":true,"code":404,"use_ratio":true,"ratio_threshold":80,"count_threshold":2},"condition":[{"field":"ip","match_method":"belong","content":"1.1.1.1"}]}]
Expires	integer	No	The validity period of the rule, in seconds. The default value is 0. A value of 0 indicates that the rule is permanently valid.	0

Valid values for field and match_method

Match field (field)	Description	Applicable logical operator (match_method)
ip	The source IP address of the request.	belong: Belongs to nbelong: Does not belong to ipinlist: Is in the list ipninlist: Is not in the list
uri	The URI of the request.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than prefix: Matches a prefix inlist: Is in the list ninlist: Is not in the list
referer	The referer of the request. This indicates the page from which the request was redirected.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist inlist: Is in the list ninlist: Is not in the list
user-agent	The user agent of the client that sends the request. This includes information such as the identifier of the browser, rendering engine, and version.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than inlist: Is in the list ninlist: Is not in the list
params	The parameters in the request URL. This refers to the part of the URL that follows the question mark (?). For example, in `demo.aliyundoc.com/index.html?action=login`, `action=login` is the parameter.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than inlist: Is in the list ninlist: Is not in the list
cookie	The cookie in the request.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist inlist: Is in the list ninlist: Is not in the list
content-type	The HTTP content type of the request. This is the Multipurpose Internet Mail Extensions (MIME) type.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than inlist: Is in the list ninlist: Is not in the list
x-forwarded-for	The real IP address of the client. The X-Forwarded-For (XFF) header field is used to identify the original IP address of a client that connects to a web server through an HTTP proxy or a Server Load Balancer. This header is included only in requests forwarded by an HTTP proxy or a Server Load Balancer.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist inlist: Is in the list ninlist: Is not in the list
content-length	The length of the request body in bytes.	vless: Value is less than vequal: Value equals vgreat: Value is greater than
post-body	The content of the request body.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal inlist: Is in the list ninlist: Is not in the list
http-method	The HTTP method of the request, such as GET or POST.	equal: Equals nequal: Does not equal inlist: Is in the list ninlist: Is not in the list
header	A custom HTTP header field in the request.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist inlist: Is in the list ninlist: Is not in the list
scheme	The protocol of the request, such as HTTP or HTTPS.	equal: Equals nequal: Does not equal
protocol	The HTTP version of the request, such as HTTP/1.0, HTTP/1.1, or HTTP/2.0.	equal: Equals nequal: Does not equal inlist: Is in the list ninlist: Is not in the list
http2-fingerprint	The HTTP/2.0 fingerprint of the request.	equal: Equals nequal: Does not equal inlist: Is in the list ninlist: Is not in the list
ja3-fingerprint	The JA3 fingerprint of the request.	equal: Equals nequal: Does not equal inlist: Is in the list ninlist: Is not in the list
ja4-fingerprint	The JA4 fingerprint of the request.	equal: Equals nequal: Does not equal inlist: Is in the list ninlist: Is not in the list
area	The continent or country from which the request is initiated.	areainlist: Is in the location blacklist
uri-path	The URI path of the request.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than prefix: Matches a prefix inlist: Is in the list ninlist: Is not in the list
cookie-name	A custom cookie.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than prefix: Matches a prefix inlist: Is in the list ninlist: Is not in the list
query-parameter	A custom request parameter.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than prefix: Matches a prefix inlist: Is in the list ninlist: Is not in the list
server-port	The server port of the request.	vless: Value is less than vequal: Value equals vgreat: Value is greater than

Response elements

Element	Type	Description	Example
	object
RequestId	string	The ID of the request. Alibaba Cloud generates a unique ID for each request. You can use the ID to troubleshoot issues.	0bcf28g5-d57c-11e7-9bs0-d89d6717dxbc

Examples

Success response

JSON format

{
  "RequestId": "0bcf28g5-d57c-11e7-9bs0-d89d6717dxbc"
}

Error codes

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.