ModifyWebPreciseAccessRule - Anti-DDoS - Alibaba Cloud Documentation Center

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

yundun-ddoscoo:ModifyWebPreciseAccessRule

update

*All Resource

*

None

Request parameters

Parameter	Type	Required	Description	Example
ResourceGroupId	string	No	The ID of the resource group to which the Anti-DDoS Pro or Anti-DDoS Premium instance belongs in Resource Management. If you do not specify this parameter, the instance belongs to the default resource group.	rg-acfm2pz25js****
Domain	string	Yes	The domain name of the website. Note A forwarding rule must be configured for the domain name. You can call DescribeDomains to query all domain names.	example.aliyundoc.com
Rules	string	Yes	The settings for the precise access control rules, specified in a JSON string. The structure is as follows. action: A string. Required. The action to take. Valid values: accept: Allow block: Block challenge: JavaScript Challenge watch: Monitor name: A string. Required. The name of the rule. condition: A map. Required. The match condition. The structure is as follows. Note If you specify multiple match conditions, the conditions have a logical AND relationship. field: A string. Required. The match field. match_method: A string. Required. The match method. Note For information about the valid values for field and match_method, see the table below. content: A string. Required. The match content. header_name: A string. Optional. The name of the header field. This parameter takes effect only when field is set to header.	[{"action":"block","name":"testrule","condition":[{"field":"uri","match_method":"contain","content":"/test/123"}]}]
Expires	integer	No	The validity period of the rule, in seconds. This parameter takes effect only when action is set to block. It blocks access requests for the specified period. If you do not specify this parameter, the rule is permanently valid.	600

Valid values for field and match_method

Match field (field)	Description	Applicable operators (match_method)
ip	The source IP address of the request.	belong: Belongs to nbelong: Does not belong to
uri	The URI of the request.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than regular: Regex Match
referer	The referer of the request, which indicates the page from which the request was redirected.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist regular: Regex Match
user-agent	The User-Agent of the client that initiated the request. This includes browser information such as the browser identifier, rendering engine, and version.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than regular: Regex Match
params	The parameter section of the request URL. This is the part of the URL that follows the question mark (?). For example, in `demo.aliyundoc.com/index.html?action=login`, `action=login` is the parameter section.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than
cookie	The cookie information in the request.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist
content-type	The HTTP content type of the response specified in the request. This is the Multipurpose Internet Mail Extensions (MIME) type information.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than
x-forwarded-for	The real IP address of the client. The X-Forwarded-For (XFF) is an HTTP header field that identifies the original IP address of a client connecting to a web server through an HTTP proxy or a load balancer. This field appears only in requests forwarded by an HTTP proxy or a load balancer.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist regular: Regex Match
content-length	The number of bytes in the request.	vless: Value is less than vequal: Value equals vgreat: Value is greater than
post-body	The content of the request.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal regular: Regex Match
http-method	The method of the request, such as GET or POST.	equal: Equals nequal: Does not equal
header	The header of the request, which is used for custom HTTP header fields.	contain: Contains ncontain: Does not contain equal: Equals nequal: Does not equal lless: Length is less than lequal: Length equals lgreat: Length is greater than nexist: Does not exist

Response elements

Element	Type	Description	Example
	object
RequestId	string	The unique ID of the request. This ID is generated by Alibaba Cloud and can be used to troubleshoot and locate issues.	F908E959-ADA8-4D7B-8A05-FF2F67F50964

Examples

Success response

JSON format

{
  "RequestId": "F908E959-ADA8-4D7B-8A05-FF2F67F50964"
}

Error codes

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.