All Products
Search

This Product

    Web Application Firewall:API overview

    Document Center

    Web Application Firewall:API overview

    Last Updated:Mar 31, 2026

    The following tables list the API operations available in Web Application Firewall (WAF).

    Instance management

    APIDescription
    DescribeInstanceInfoQueries the basic information about the WAF instance that you purchase, including its ID, type, and status.
    DescribeInstanceSpecInfoQueries the specification information about the WAF instance that you purchase.
    DeleteInstanceReleases a subscription WAF instance that expires.

    Domain name configurations

    APIDescription
    DescribeDomainNamesQueries all domain names added to WAF in a single call. We recommend that you call DescribeDomainList instead, which supports filtering and returns results by page.
    DescribeDomainListQueries domain names added to WAF by page, with support for filtering conditions. If you want to query a large number of domain names, we recommend that you call this operation.
    DescribeDomainQueries the configuration of a specific domain name added to WAF.
    CreateDomainAdds a domain name to WAF.
    ModifyDomainModifies the configuration of a specific domain name.
    DeleteDomainRemoves a domain name from WAF.
    DescribeCertificatesQueries the certificates associated with a domain name. Certificates are managed by SSL Certificates Service.
    DescribeCertMatchStatusChecks whether the certificate and private key uploaded for a domain name match each other.
    CreateCertificateUploads the certificate and private key for a domain name added to WAF.
    CreateCertificateByCertificateIdUploads the certificate for a domain name based on the certificate ID.
    DescribeDomainBasicConfigsQueries the protection status of a domain name added to WAF.
    DescribeDomainAdvanceConfigsQueries the configuration details of a domain name added to WAF.

    Protection configuration

    APIDescription
    ModifyDomainIpv6StatusEnables or disables IPv6 traffic protection for a domain name.
    DescribeProtectionModuleStatusQueries whether a WAF protection module is enabled. Supported modules include web intrusion prevention, data security, advanced protection, bot management, and access control or throttling.
    ModifyProtectionModuleStatusEnables or disables a WAF protection module. Supported modules include web intrusion prevention, data security, advanced protection, bot management, and access control or throttling.
    DescribeProtectionModuleModeQueries the protection mode of a WAF protection module. Supported modules include the protection rules engine, big data deep learning engine, HTTP flood protection, data risk control, and positive security model.
    ModifyProtectionModuleModeModifies the protection mode of a WAF protection module. Supported modules include the protection rules engine, big data deep learning engine, HTTP flood protection, data risk control, and positive security model.
    DescribeProtectionModuleRulesQueries the rules created for a WAF protection module. Supported modules include web intrusion prevention, data security, bot management, access control or throttling, and website whitelist.
    CreateProtectionModuleRuleCreates rules for a WAF protection module. Supported modules include web intrusion prevention, data security, bot management, access control or throttling, and whitelist.
    ModifyProtectionModuleRuleModifies the rules created for a WAF protection module. Supported modules include web intrusion prevention, data security, advanced protection, bot management, access control or throttling, and website whitelist.
    ModifyProtectionRuleStatusEnables or disables rules created for a WAF protection module. Supported modules include website tamper-proofing, allowed crawlers, bot threat intelligence, custom protection policy, and website whitelist.
    DescribeDomainRuleGroupQueries the ID of the protection rule group provided by the protection rules engine for a domain name.
    SetDomainRuleGroupConfigures the protection rule group for a domain name. WAF provides three default protection rule groups and supports custom protection rule groups.
    ModifyProtectionRuleCacheStatusUpdates the cached pages of a domain name protected by a website tamper-proofing rule.
    DeleteProtectionModuleRuleDeletes a rule created for a WAF protection module.
    DescribeProtectionModuleCodeConfigQueries the region codes that can be configured in the WAF region blacklist.

    Log management

    APIDescription
    ModifyLogServiceStatusEnables or disables the log collection feature for a domain name.
    ModifyLogRetrievalStatusEnables or disables the log retrieval feature for a domain name.
    DescribeLogServiceStatusQueries whether the log collection feature is enabled for domain names added to WAF.

    System management

    APIDescription
    DescribeWafSourceIpSegmentQueries the back-to-origin CIDR blocks used by the WAF protection cluster.

    Resource operations

    APIDescription
    MoveResourceGroupTransfers a WAF resource to a different resource group.