Update Access Rule (ACL)

WAF Insights does not support automation via our REST API web service. If you are currently using WAF Insights, upgrade your WAF solution to take advantage of our REST API.

Updates an access rule that identifies valid or malicious requests via whitelists, accesslists, and blacklists.

Learn more.

Request

A request to update an access rule is described below.

HTTP Method Request URI

PUT

https://api.edgecast.com/v2/mcc/customers/AccountNumber/waf/v1.0/acl/Access Rule ID

Define the following variables when submitting the above request:

VariableA variable represents a value that must be replaced. A variable consists of either a URL segment (e.g., "0001" in /0001/) or a query string value (e.g., "3" in mediaTypes=3). Description

AccountNumber

Required

Replace this variable with a customer account number. This account number may be found in the upper right-hand corner of the MCC.

Access Rule ID

Required

Replace this variable with the system-defined ID for the desired access rule.

Use the Get All Access Rules (ACLs) endpoint to retrieve a list of access rule and their system-defined IDs

Request Headers

This endpointIdentifies a request's connection point to our REST API service. only takes advantage of common request headers.

Request Body

Pass the following request body parameters:

Name Data Type Description

allowed_http_methods

Array

String values

Identifies each allowed HTTP method (e.g., GET).

allowed_request_content_types

Array

String values

Identifies each allowed media type (e.g., application\/json).

asn

Object

Contains access controls for autonomous system numbers (ASNs).

cookie

Object

Contains access controls for cookies.

country

Object

Contains access controls for countries. Specify each desired country using its country code.

Learn more.

customer_id

String

Identifies your account by its customer account number.

disallowed_extensions

Array

String values

Indicates each file extension for which WAF will send an alert or block the request.

disallowed_headers

Array

String values

Indicates each request header for which WAF will send an alert or block the request.

id

String

Indicates the system-defined ID for this access rule.

ip

Object

Contains access controls for IPv4 and/or IPv6 addresses. Specify each desired IP address using standard IPv4/IPv6 and CIDR notation.

max_file_size

Integer

Indicates the maximum file size, in bytes, for a POST request body.

name

String

Indicates the name assigned to this access rule.

referer

Object

Contains access controls for referrers.

All referrers defined within a whitelist, accesslist, or blacklist are regular expressions.

response_header_name

String

Determines the name of the response header that will be included with blocked requests.

sd_iso

Object

Contains access controls for country subdivisons (e.g., states or provinces). Specify each desired country subdivision using an ISO-3166-2 code.

url

Object

Contains access controls for URL paths.

Specify a URL path pattern that starts directly after the hostname. Exclude a protocol or a hostname when defining valuevalues.
Sample values:
/marketing
/800001/mycustomerorigin

All URL paths defined within a whitelist, accesslist, or blacklist are regular expressions.

user_agent

Object

Contains access controls for user agents.

All user agents defined within a whitelist, accesslist, or blacklist are regular expressions.

ACL Type Object

The asn, cookie, country, ip, referer, url, and user_agent objects contain the following properties:

Name Data Type Description

accesslist

Array

String / integer values

Contains entries that identify traffic that may access your content upon passing a threat assessment.

ASN access controls are integer values. All other access controls are string values.

blacklist

Array

String / integer values

Contains entries that identify traffic that will be blocked or for which an alert will be generated.

ASN access controls are integer values. All other access controls are string values.

whitelist

Array

String / integer values

Contains entries that identify traffic that may access your content without undergoing threat assessment.

ASN access controls are integer values. All other access controls are string values.

All entries within a cookie, referrer, URL, or user agent whitelist, accesslist, or blacklist are regular expressions.

Response

The response to the above request includes an HTTP status code, response headers, and a response body.

Status Code

A status code indicates whether the request was successfully performed.

Response Headers

The response for this endpoint only includes standard HTTP response headers.

View common response headers.

Response Body

The response body for a successful request contains the following parameters:

Name Data Type Description

id

String

Indicates the system-defined ID for the resource.

status

String

Returns success.

success

Boolean

Returns true.

Errors

The response body for an unsuccessful request contains the following parameters:

Name Data Type Description

success

Boolean

Returns false.

errors

Array

Objects

Contains one or more error(s).

errors Array

The errors array describes each error that occurred using the following properties:

Name Data Type Description

code

Integer

Indicates the HTTP status code for the error.

message

String

Indicates the description for the error that occurred.

Sample Request and Response (JSON)

A sample JSON request is shown below.

PUT https://api.edgecast.com/v2/mcc/customers/0001/waf/v1.0/acl/CGifudum HTTP/1.1

Authorization: TOK:12345678-1234-1234-1234-1234567890ab

Accept: application/json

Content-Type: application/json

Host: api.edgecast.com

{
	"asn": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"cookie": {
		"blacklist": [
			"bot"
		],
		"whitelist": [
			"trusted"
		]
	},
	"country": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"customer_id": "0001",
	"disallowed_extensions": [
		".asa",
		".asax",
		".ascx",
		".axd",
		".backup",
		".bak",
		".bat",
		".cdx",
		".cer",
		".cfg",
		".cmd",
		".com",
		".config",
		".conf",
		".cs",
		".csproj",
		".csr",
		".dat",
		".db",
		".dbf",
		".dll",
		".dos",
		".htr",
		".htw",
		".ida",
		".idc",
		".idq",
		".inc",
		".ini",
		".key",
		".licx",
		".lnk",
		".log",
		".mdb",
		".old",
		".pass",
		".pdb",
		".pol",
		".printer",
		".pwd",
		".resources",
		".resx",
		".sql",
		".sys",
		".vb",
		".vbs",
		".vbproj",
		".vsdisco",
		".webinfo",
		".xsd",
		".xsx/"
	],
	"ip": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"referer": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"url": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"user_agent": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	}
}

A sample JSON response is shown below.

HTTP/1.1 200 OK

Cache-Control: private

Content-Type: application/json; charset=utf-8

Date: Thu, 15 Apr 2021 12:00:00 GMT

Content-Length: 51

{
	"id": "dQndQsnv",
	"status": "success",
	"success": true
}