Get Access Rule (ACL)

WAF Insights does not support automation via our REST API web service. If you are currently using WAF Insights, upgrade your WAF solution to take advantage of our REST API.

Retrieves an access rule that identifies valid or malicious requests via whitelists, accesslists, and blacklists.

Learn more.

Request

A request to retrieve an access rule is described below.

HTTP Method Request URI

GET

https://api.edgecast.com/v2/mcc/customers/AccountNumber/waf/v1.0/acl/Access Rule ID

Define the following variables when submitting the above request:

VariableA variable represents a value that must be replaced. A variable consists of either a URL segment (e.g., "0001" in /0001/) or a query string value (e.g., "3" in mediaTypes=3). Description

AccountNumber

Required

Replace this variable with a customer account number. This account number may be found in the upper right-hand corner of the MCC.

Access Rule ID

Required

Replace this variable with the system-defined ID for the desired access rule.

Use the Get All Access Rules (ACLs) endpoint to retrieve a list of access rules and their system-defined IDs

Request Headers

This endpointIdentifies a request's connection point to our REST API service. only takes advantage of common request headers.

Request Body

Request body parameters are not required by this endpoint.

Response

The response to the above request includes an HTTP status code, response headers, and a response body.

Status Code

A status code indicates whether the request was successfully performed.

Response Headers

The response for this endpoint only includes standard HTTP response headers.

View common response headers.

Response Body

The response body for a successful request contains the following response elements for each access rule:

Name Data Type Description

allowed_http_methods

Array

String values

Identifies each allowed HTTP method (e.g., GET).

allowed_request_content_types

Array

String values

Identifies each allowed media type (e.g., application\/json).

asn

Object

Contains access controls for autonomous system numbers (ASNs).

cookie

Object

Contains access controls for cookie names.

All cookies defined within a whitelist, accesslist, or blacklist are regular expressions.

country

Object

Contains access controls for countries. Each country is identified by its country code.

Learn more.

customer_id

String

Identifies your account by its customer account number.

disallowed_extensions

Array

String values

Indicates each file extension for which WAF will send an alert or block the request.

disallowed_headers

Array

String values

Indicates each request header for which WAF will send an alert or block the request.

id

String

Indicates the system-defined ID for this access rule.

ip

Object

Contains access controls for IPv4 and/or IPv6 addresses. Specify each desired IP address using standard IPv4/IPv6 and CIDR notation.

last_modified_by

String

Reserved for future use.

last_modified_date

String

Indicates the timestamp at which this access rule was last modified.

Syntax:

YYYY-MM-DDThh:mm:ss:ffffffZ

Learn more.

max_file_size

Integer

Indicates the maximum file size, in bytes, for a POST request body.

name

String

Indicates the name assigned to this access rule.

referer

Object

Contains access controls for referrers.

All referrers defined within a whitelist, accesslist, or blacklist are regular expressions.

response_header_name

String

Indicates the name of the response header that will be included with blocked requests.

sd_iso

Object

Contains access controls for country subdivisons (e.g., states or provinces). Specify each desired country subdivision using an ISO-3166-2 code.

url

Object

Contains access controls for URL paths.

All URL paths defined within a whitelist, accesslist, or blacklist are regular expressions.

user_agent

Object

Contains access controls for user agents.

All user agents defined within a whitelist, accesslist, or blacklist are regular expressions.

version

String

Reserved for future use.

ACL Type Object

The asn, cookie, country, ip, referer, url, and user_agent objects contain the following properties:

Name Data Type Description

accesslist

Array

String / integer values

Contains entries that identify traffic that may access your content upon passing a threat assessment.

ASN access controls are integer values. All other access controls are string values.

blacklist

Array

String / integer values

Contains entries that identify traffic that will be blocked or for which an alert will be generated.

ASN access controls are integer values. All other access controls are string values.

whitelist

Array

String / integer values

Contains entries that identify traffic that may access your content without undergoing threat assessment.

ASN access controls are integer values. All other access controls are string values.

All entries within a cookie, referrer, URL, or user agent whitelist, accesslist, or blacklist are regular expressions.

Errors

The response body for an unsuccessful request may contain an error element that provides additional information.

View common error messages.

Sample Request and Response (JSON)

A sample JSON request is shown below.

GET https://api.edgecast.com/v2/mcc/customers/0001/waf/v1.0/acl/CGifudum HTTP/1.1

Authorization: TOK:12345678-1234-1234-1234-1234567890ab

Accept: application/json

Content-Type: application/json

Host: api.edgecast.com

A sample JSON response is shown below.

HTTP/1.1 200 OK

Cache-Control: private

Content-Type: application/json; charset=utf-8

Date: Thu, 15 Apr 2021 12:00:00 GMT

Content-Length: 1400

{
	"allowed_http_versions": [
		"HTTP/1.0",
		"HTTP/1.1",
		"HTTP/2.0"
	],
	"asn": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"cookie": {
		"blacklist": [
			"bot"
		],
		"whitelist": [
			"trusted"
		]
	},
	"country": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"customer_id": "0001",
	"disallowed_extensions": [
		".asa",
		".asax",
		".ascx",
		".axd",
		".backup",
		".bak",
		".bat",
		".cdx",
		".cer",
		".cfg",
		".cmd",
		".com",
		".config",
		".conf",
		".cs",
		".csproj",
		".csr",
		".dat",
		".db",
		".dbf",
		".dll",
		".dos",
		".htr",
		".htw",
		".ida",
		".idc",
		".idq",
		".inc",
		".ini",
		".key",
		".licx",
		".lnk",
		".log",
		".mdb",
		".old",
		".pass",
		".pdb",
		".pol",
		".printer",
		".pwd",
		".resources",
		".resx",
		".sql",
		".sys",
		".vb",
		".vbs",
		".vbproj",
		".vsdisco",
		".webinfo",
		".xsd",
		".xsx/"
	],
	"id": "CGifudum",
	"ip": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"last_modified_date": "2020-06-03T23:02:22.803847Z",
	"name": "ACL configuration",
	"referer": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"url": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"user_agent": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	}
}