DescribeWebRules
This topic describes how to configure web forwarding rules.
Operation description
This API runs a paginated query to retrieve the configurations of your web rules, such as the forwarding protocol type, origin server addresses, HTTPS settings, and IP blocklist configuration.
Before calling this API, you must first create a web rule by calling CreateWebRule.
QPS limit
The per-user QPS limit for this API is 50. Calls that exceed this limit are throttled, which can impact your services. Please plan your calls accordingly.
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
yundun-ddoscoo:DescribeWebRules |
list |
*All Resource
|
None | None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
| ResourceGroupId |
string |
No |
The ID of the resource group to which the Anti-DDoS Pro instance belongs in Resource Management. If you omit this parameter, the system uses the default resource group. |
rg-acfm2pz25js**** |
| Domain |
string |
No |
The domain to query. Note
The domain must have a web rule configured. You can call DescribeDomains to query all domains that have web rules. |
example.com |
| Cname |
string |
No |
The CNAME to query. |
kzmk7b8tt351****.aliyunddos1014**** |
| QueryDomainPattern |
string |
No |
The matching mode for the query. Valid values:
|
exact |
| PageNumber |
integer |
No |
The page number to return. Default: 1. |
1 |
| PageSize |
integer |
No |
The number of web rules per page. Valid values: 1 to 10. |
10 |
| InstanceIds |
array |
No |
An array of Anti-DDoS Pro instance IDs to query. |
ddoscoo-cn-mp91j1ao**** |
|
string |
No |
The ID of an Anti-DDoS Pro instance. You can specify up to 200 instance IDs. Note
You can call DescribeInstanceIds to query the IDs of all Anti-DDoS Pro instances. |
ddoscoo-cn-i7m27nf3**** |
When you call this API, you must include the Alibaba Cloud common request parameters in addition to the parameters described in this topic. For details, see common parameters.
For the request format, see the request example in the Examples section.
Response elements
|
Element |
Type |
Description |
Example |
|
object |
|||
| TotalCount |
integer |
The total number of web forwarding rules returned. |
1 |
| RequestId |
string |
The request ID. Alibaba Cloud generates this unique identifier for each request. You can use this ID to troubleshoot issues. |
0F5B72DD-96F4-423A-B12B-A5151DD746B8 |
| WebRules |
array<object> |
An array of web forwarding rules. |
|
|
array<object> |
|||
| Domain |
string |
The website domain. |
example.com |
| Http2HttpsEnable |
boolean |
Indicates whether forced HTTPS redirection is enabled. Valid values:
|
true |
| SslProtocols |
string |
The supported TLS protocol version. Valid values:
|
tls1.1 |
| PunishReason |
integer |
The reason the domain is penalized for non-compliance. Valid values:
If both reasons 1 and 2 apply, this parameter returns 2. |
1 |
| CcTemplate |
string |
The CC protection mode. Valid values:
|
default |
| CcEnabled |
boolean |
Indicates whether CC protection is enabled. Valid values:
|
true |
| SslCiphers |
string |
The cipher suite type. Valid values:
|
default |
| Ssl13Enabled |
boolean |
Indicates whether TLS 1.3 is enabled. Valid values:
|
false |
| CcRuleEnabled |
boolean |
Indicates whether custom CC protection is enabled. Valid values:
|
false |
| OcspEnabled |
boolean |
Indicates whether OCSP is enabled. Valid values:
|
false |
| PunishStatus |
boolean |
Indicates whether the domain is penalized. Valid values:
|
true |
| ProxyEnabled |
boolean |
Indicates whether the web forwarding rule is enabled. Valid values:
|
true |
| CertName |
string |
The name of the certificate. |
testcert |
| PolicyMode |
string |
This parameter is deprecated. For more information, see the |
ip_hash |
| Cname |
string |
The CNAME address assigned by Anti-DDoS for the website domain. |
kzmk7b8tt351****.aliyunddos1014**** |
| Http2Enable |
boolean |
Indicates whether HTTP/2 support is enabled. Valid values:
|
true |
| Https2HttpEnable |
boolean |
Indicates whether HTTP back-to-origin is enabled. Valid values:
|
true |
| ProxyTypes |
array<object> |
The forwarding protocol and port settings. |
|
|
object |
|||
| ProxyType |
string |
The forwarding protocol. Valid values:
|
https |
| ProxyPorts |
array |
A list of ports. |
|
|
string |
The port number. |
443 |
|
| RealServers |
array<object> |
Details about the origin servers. |
|
|
object |
|||
| RsType |
integer |
The type of the origin server address. Valid values:
|
0 |
| RealServer |
string |
The origin server address. |
192.0.XX.XX |
| WhiteList |
array |
The IP allowlist for the domain. |
|
|
string |
An IP address in the allowlist. Note
This parameter is returned only if you have configured a domain-level IP allowlist. You can call the ConfigWebIpSet operation to configure an IP allowlist or IP blocklist for a website domain. |
192.168.XX.XX |
|
| BlackList |
array |
The IP blocklist for the domain. |
|
|
string |
An IP address in the blocklist. Note
This parameter is returned only if you have configured a domain-level IP blocklist. You can call the ConfigWebIpSet operation to configure an IP allowlist or IP blocklist for a website domain. |
192.0.XX.XX |
|
| CustomCiphers |
array |
A list of custom cipher suites. |
|
|
string |
A custom cipher suite. |
ECDHE-ECDSA-AES128-GCM-SHA256 |
|
| GmCert |
object |
The GM (Guomi) settings. |
|
| CertId |
string |
The ID of the GM (Guomi) certificate. |
725**** |
| GmEnable |
integer |
Indicates whether GM (Guomi) verification is enabled.
|
1 |
| GmOnly |
integer |
Indicates whether access is allowed only from clients that support GM (Guomi) cryptography.
|
1 |
| CertRegion |
string |
The region where the certificate is used. Valid values:
|
cn-hangzhou |
| UserCertName |
string |
The name of the certificate that you uploaded to Certificate Management Service. |
test |
| Tls13CustomCiphers |
array |
A list of cipher suites for TLS 1.3. |
|
|
string |
A cipher suite for TLS 1.3. |
ECDHE-RSA-AES128-GCM-SHA256 |
|
| CertExpireTime |
integer |
The expiration timestamp of the associated certificate. Note
This parameter is deprecated. |
1765959120 |
| WafProtectionEnable |
boolean |
Examples
Success response
JSON format
{
"TotalCount": 1,
"RequestId": "0F5B72DD-96F4-423A-B12B-A5151DD746B8",
"WebRules": [
{
"Domain": "example.com",
"Http2HttpsEnable": true,
"SslProtocols": "tls1.1",
"PunishReason": 1,
"CcTemplate": "default",
"CcEnabled": true,
"SslCiphers": "default",
"Ssl13Enabled": false,
"CcRuleEnabled": false,
"OcspEnabled": false,
"PunishStatus": true,
"ProxyEnabled": true,
"CertName": "testcert",
"PolicyMode": "ip_hash",
"Cname": "kzmk7b8tt351****.aliyunddos1014****",
"Http2Enable": true,
"Https2HttpEnable": true,
"ProxyTypes": [
{
"ProxyType": "https",
"ProxyPorts": [
"443"
]
}
],
"RealServers": [
{
"RsType": 0,
"RealServer": "192.0.XX.XX"
}
],
"WhiteList": [
"192.168.XX.XX"
],
"BlackList": [
"192.0.XX.XX"
],
"CustomCiphers": [
"ECDHE-ECDSA-AES128-GCM-SHA256"
],
"GmCert": {
"CertId": "725****",
"GmEnable": 1,
"GmOnly": 1
},
"CertRegion": "cn-hangzhou",
"UserCertName": "test",
"Tls13CustomCiphers": [
"ECDHE-RSA-AES128-GCM-SHA256"
],
"CertExpireTime": 1765959120,
"WafProtectionEnable": false
}
]
}
Error codes
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.