ModifyWebPreciseAccessRule
Creates or edits a precise access control rule for a website.
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
yundun-ddoscoo:ModifyWebPreciseAccessRule |
update |
*All Resource
|
None | None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
| ResourceGroupId |
string |
No |
The ID of the resource group to which the Anti-DDoS Pro instance belongs. If you do not specify this parameter, the instance belongs to the default resource group. |
rg-acfm2pz25js**** |
| Domain |
string |
Yes |
The domain of the website. Note
You must configure a forwarding rule for the domain. You can call the DescribeDomains operation to query all domains. |
example.aliyundoc.com |
| Rules |
string |
Yes |
The configuration of the precise access control rule, specified as a JSON-formatted string. The string has the following structure:
|
[{"action":"block","name":"testrule","condition":[{"field":"uri","match_method":"contain","content":"/test/123"}]}] |
| Expires |
integer |
No |
The validity period of the rule, in seconds. This parameter applies only when action is set to block. Requests that match the rule are blocked for the specified duration. If you do not specify this parameter, the rule is permanently effective. |
600 |
Field and match method
| Match field | Description | Match method |
| ip | The source IP address of the request. | belong: Belongs to nbelong: Does not belong to ipinlist: In list ipninlist: Not in list |
| uri | The URI of the request. | contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than prefix: Matches prefix inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| referer | The referer of the request. This indicates the webpage from which the request is initiated. | contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| user-agent | The user agent of the client that initiated the request. This includes information such as the browser identity, rendering engine, and version. | contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| params | The parameters in the request URL, which typically refer to the part after the question mark (?). For example, in demo.aliyundoc.com/index.html?action=login, action=login is the parameter part. | contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| cookie | The cookie information in the request. | contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| content-type | The HTTP content type (MIME type) specified in the request. | contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| x-forwarded-for | The original IP address of the client. X-Forwarded-For (XFF) is an HTTP request header used to identify the originating IP address of a client connecting to a web server through an HTTP proxy or a load balancer. This field is included only in requests forwarded by an HTTP proxy or a load balancer. | contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| content-length | The size of the request body in bytes. | vless: Value is less than vequal: Value equals vgreat: Value is greater than |
| post-body | The request body. | contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| http-method | The HTTP method, such as GET or POST. | equal: Equals nequal: Does not equal inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| header | The request header. This is used for custom HTTP header fields. | contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| ja3-fingerprint | The JA3 fingerprint. | equal: Equals nequal: Does not equal inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| ja4-fingerprint | The JA4 fingerprint. | equal: Equals nequal: Does not equal inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| tls-fingerprint | The client TLS fingerprint. | equal: Equals nequal: Does not equal inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| http2-fingerprint | The HTTP/2.0 fingerprint. | equal: Equals nequal: Does not equal inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
| scheme | The HTTP or HTTPS scheme. | equal: Equals nequal: Does not equal |
| protocol | The HTTP version. | equal: Equals nequal: Does not equal inlist: Equals one of multiple values ninlist: Does not equal any of multiple values |
Match method and content
| Match method | Description | Match content |
| inlist | Equals one of multiple values. | content_list: A list of values to match |
| ninlist | Does not equal any of multiple values. | content_list: A list of values to match |
| equal | Equals. | content: The value to match |
| nequal | Does not equal. | content: The value to match |
| contain | Contains. | content: The value to match |
| ncontain | Does not contain. | content: The value to match |
| lless | Length is less than. | content: The value to match |
| lequal | Length equals. | content: The value to match |
| lgreat | Length is greater than. | content: The value to match |
Response elements
|
Element |
Type |
Description |
Example |
|
object |
The response object. |
||
| RequestId |
string |
The unique ID of the request. You can use this ID to locate and troubleshoot issues. |
F908E959-ADA8-4D7B-8A05-FF2F67F50964 |
Examples
Success response
JSON format
{
"RequestId": "F908E959-ADA8-4D7B-8A05-FF2F67F50964"
}
Error codes
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.