This article explains the legacy version of
WAF Essential cannot be configured via our APIs. However, you may leverage our APIs to retrieve WAF and Rate Limiting event log data.
Updates the configuration associated with a WAF instance.
A request to update a WAF instance is described below.
HTTP Method | Request URI |
---|---|
PUT |
https://api.edgecast.com/v2/mcc/customers/AccountNumber/waf/config/instances/InstanceID |
Define the following variables when submitting the above request:
VariableA variable represents a value that must be replaced. A variable consists of either a URL segment (e.g., "0001" in /0001/) or a query string value (e.g., "3" in mediaTypes=3). | Description |
---|---|
Required |
|
Required |
Replace this variable with the system-defined ID of the desired instance. Use the Get All Instances endpoint to retrieve a list of all available instances and their system-defined IDs. |
This endpointIdentifies a request's connection point to our REST API service. only takes advantage of common request headers.
Pass the following request body parameters:
Certain parameters, as designated below, are always ignored. A request may safely include these parameters, since they will not affect your configuration. This behavior allows a script to update an instance by retrieving it, modifying a value, and then using this endpoint to submit an update.
Name | Data Type | Description |
---|---|---|
name Required |
String |
Defines the name of a WAF instance. |
id Ignored |
String |
This parameter is always ignored. |
prod_profile_id Required |
String |
Identifies a profile that will be applied to production traffic by its system-defined ID. Use the Get All Profiles endpoint to retrieve a list of all available profiles and their system-defined IDs. |
prod_profile_name Ignored |
String |
This parameter is always ignored. |
prod_profile_action Deprecated |
String |
This parameter has been deprecated in favor of the prod_profile_enforcements parameter. Identifies the action that will be taken on production traffic when a request violates the profile defined by prod_profile_name. Valid values are:
|
audit_profile_id |
String |
Identifies a profile that will audit production traffic by its system-defined ID. Use the Get All Profiles endpoint to retrieve a list of all available profiles and their system-defined IDs. |
audit_profile_name Ignored |
String |
This parameter is always ignored. |
enabled_date Ignored |
String |
This parameter is always ignored. |
prod_profile_enforcements |
Array |
This array contains objects that describe the type of action that will be applied to threats detected as a result of this instance configuration. Omitting this parameter or by setting it to an empty array may cause the deprecated prod_profile_action parameter to determine how detected threats will be handled. |
name Required (type) |
String |
prod_profile_enforcements array This parameter is required when the request includes the type parameter. Identifies the type of action that will be applied to production traffic when a request violates the profile defined by the prod_profile_name parameter. Valid values are:
|
type Required (name) |
String |
prod_profile_enforcements array This parameter is required when the request includes the name parameter. Identifies the type of action that will be applied to production traffic when a request violates the profile defined by the prod_profile_name parameter. Valid values are:
The above values are case-sensitive. |
url Required (redirect-302) |
String |
prod_profile_enforcements array Redirect Only This parameter is required when this instance is configured to redirect (i.e., redirect-302 action) malicious traffic. Identifies the URL to which requests identified as malicious traffic will be redirected. |
display_default_error_page |
Boolean |
prod_profile_enforcements array Custom Response Only This parameter is only relevant when this instance is configured to send a custom response (i.e., custom-response action) whenever malicious traffic is detected. Determines whether a default error page will be sent in response to malicious traffic. Valid values are:
The response_body_base64 parameter overrides this option. |
response_body_base64 |
String |
prod_profile_enforcements array Custom Response Only This parameter is only relevant when this instance is configured to send a custom response (i.e., custom-response action) whenever malicious traffic is detected. Defines the response body that will be sent in response to malicious traffic. This value must be Base64 encoded. Set the response body to a custom web page by specifying the desired HTML tags (e.g., <html>...</html>). |
response_headers |
Object |
prod_profile_enforcements array Custom Response Only This parameter is only relevant when this instance is configured to send a custom response (i.e., custom-response action) whenever malicious traffic is detected. Defines the set of response headers that will be included in the response sent to malicious traffic. Specify each desired response header as a name/value pair. Syntax: "Header NameIdentifies a custom response header by its name." : "Header ValueIdentifies the value assigned to a custom response header."
Example: ... "response_headers" : { "My 1st Header" : "Value A", "My 2nd Header" : "Value B" }, ... |
status Required (custom-response) |
Integer |
prod_profile_enforcements array Custom Response Only This parameter is required when this instance is configured to send a custom response (i.e., custom-response action) whenever malicious traffic is detected. Defines the HTTP status code (e.g., 404) for the custom response that will be sent to malicious traffic. |
The response to the above request includes an HTTP status code, response headers, and a response body.
A status code indicates whether the request was successfully performed.
The response for this endpoint only includes standard HTTP response headers.
The response body for a successful request contains the following parameters:
Name | Data Type | Description |
---|---|---|
id |
String |
Identifies a WAF instance by its system-defined ID. |
success |
Boolean |
Indicates whether the WAF instance was updated. Valid values are:
|
The response body for an unsuccessful request will contain an error response that provides additional information.
A sample JSON request is shown below.
PUT https://api.edgecast.com/v2/mcc/customers/0001/waf/config/instances/1234 HTTP/1.1
Authorization: TOK:12345678-1234-1234-1234-1234567890ab
Accept: application/json
Content-Type: application/json
Host:api.edgecast.com
Content-Length: 479
{
"name" : "Site C",
"id" : "1234",
"prod_profile_id" : "23",
"prod_profile_name" : "Basic Profile",
"prod_profile_action" : "alert",
"audit_profile_id" : "0",
"audit_profile_name" : null,
"enabled_date" : "9\/7\/2024 6:45:19 PM",
"prod_profile_enforcements" : [{
"display_default_error_page" : true,
"name" : "Custom Response",
"response_headers" : {
"Profile" : "Basic"
},
"status" : 403,
"type" : "custom-response"
}
]
}
A sample JSON response is shown below.
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Date: Thu, 15 Apr 2021 12:00:00 GMT
Content-Length: 28
{ "id" : "1234", "success" : true }