The following tables list API operations available for use in Web Application Firewall (WAF).
Instance management
API | Description |
Queries the basic information about the WAF instance that you purchase. The information includes the ID, type, and status of the WAF instance. | |
Queries the specification information about the WAF instance that you purchase. | |
Releases a subscription WAF instance that expires. |
Domain name configurations
API | Description |
Queries all the domain names that are added to WAF. Note This operation returns all the domain names at a time. We recommend that you call the DescribeDomainList operation, which returns domain names by page. | |
Queries the domain names that are added to WAF by page. Note This operation allows you to specify different conditions for the query and returns query results by page. If you want to query a large number of domain names, we recommend that you call the operation. | |
Queries the configuration of a specific domain name that is added to WAF. | |
Adds a domain name to WAF. | |
Modifies the configuration of a specific domain name. | |
Removes a domain name from WAF. | |
Queries the certificates that are associated with a specific domain name. The certificates are managed by SSL Certificates Service. | |
Checks whether the certificate and the private key that you upload for a specific domain name match each other. | |
Uploads the certificate and private key for a domain name that is added to WAF. | |
Uploads the certificate for a specific domain name based on the certificate ID. | |
Queries the protection status of a domain name that is added to WAF. | |
Queries the configuration details of a domain name that is added to WAF. |
Protection configuration
API | Description |
Enables or disables IPv6 traffic protection for a domain name. | |
Queries whether a specific WAF protection module is enabled. The WAF protection modules include web intrusion prevention, data security, advanced protection, bot management, and access control or throttling. | |
Enables or disables a specific WAF protection module. The WAF protection modules include web intrusion prevention, data security, advanced protection, bot management, and access control or throttling. | |
Queries the protection mode of a specific WAF protection module. The WAF protection modules include the protection rules engine, big data deep learning engine, HTTP flood protection, data risk control, and positive security model. | |
Modifies the protection mode of a specific WAF protection module. The WAF protection modules include the protection rules engine, big data deep learning engine, HTTP flood protection, data risk control, and positive security model. | |
Queries the rules that are created for a specific WAF protection module. The WAF protection modules include web intrusion prevention, data security, bot management, access control or throttling, and website whitelist. | |
Creates rules for a specific WAF protection module. The WAF protection modules include web intrusion prevention, data security, bot management, access control or throttling, and whitelist. | |
Modifies the rules that are created for a specific WAF protection module. The WAF protection modules include web intrusion prevention, data security, advanced protection, bot management, access control or throttling, and website whitelist. | |
Enables or disables the rules that are created for a specific WAF protection module. The WAF protection modules include website tamper-proofing, allowed crawlers, bot threat intelligence, custom protection policy, and website whitelist. | |
Queries the ID of the protection rule group that is provided by the protection rules engine module for a specific domain name. | |
Configures the protection rule group that is provided by the protection rules engine module for a specific domain name. WAF provides three default protection rule groups. You can also configure a custom protection rule group. | |
Updates the cached pages of a domain name that is protected by a specific website tamper-proofing rule. | |
Deletes the rule that is created for a specific WAF protection module | |
Queries the codes of regions that can be configured in the WAF region blacklist. |
Log management
API | Description |
Enables or disables the log collection feature for a domain name. | |
Enables or disables the log retrieval feature for a domain name. | |
Queries whether the log collection feature is enabled for the domain names that are added to WAF. |
System management
API | Description |
Queries the back-to-origin CIDR blocks that are used by the WAF protection cluster. |
Resource operations
API | Description |
Transfers a WAF resource to another resource group. |