Get Configuration - Deprecated

This article explains the legacy version of Rate Limiting that underwent end-of-life on June 30, 2021. Our new version of WAF expands upon all of the capabilities offered by WAF (Legacy) and Rate Limiting (Legacy) with a simplified and centralized setup. Please upgrade to the latest version of WAF at your earliest convenience.

This deprecated endpoint was discontinuedIdentifies an endpoint that is no longer in service. This type of endpoint should not be used. All scripts that include this type of endpoint must be updated to use a different endpoint. on 12/9/2019. If you have not already updated your scripts and applications to leverage the Get Configuration (Version 1.0) and Update Configuration (Version 1.0) endpoints, then we strongly encourage you to do so immediately.

WAF Essential cannot be configured via our APIs. However, you may leverage our APIs to retrieve WAF and Rate Limiting event log data.

Retrieves the current rate limiting configuration.

This endpoint only supports JSON.

Request

A request to retrieve the current rate limiting configuration is described below.

HTTP Method	Request URI
GET	https://api.transactcdn.com/v2/mcc/customers/AccountNumber/defend/rate_limiting/config

Define the following term when submitting the above request:

VariableA variable represents a value that must be replaced. A variable consists of either a URL segment (e.g., "0001" in /0001/) or a query string value (e.g., "3" in mediaTypes=3).	Description
AccountNumber Required	Replace this variable with a customer account number. This account number may be found in the upper left-hand corner of the TCC.

VariableA variable represents a value that must be replaced. A variable consists of either a URL segment (e.g., "0001" in /0001/) or a query string value (e.g., "3" in mediaTypes=3).

Description

AccountNumber

Required

Replace this variable with a customer account number. This account number may be found in the upper left-hand corner of the TCC.

Request Headers

This endpointIdentifies a request's connection point to our REST API service. only takes advantage of common request headers.

Request Body

Request body parameters are not required by this endpoint.

Response

The response to the above request includes an HTTP status code, response headers, and a response body.

Status Code

A status code indicates whether the request was successfully performed.

Response Headers

The response for this endpoint only includes standard HTTP response headers.

View common response headers.

Response Body

The response body for a successful request contains the following response parameters:

Name	Data Type	Description
customer_id	String	Identifies a customer by account number.
enabled_date	String	Identifies the date on which the Rate Limiting configuration was last modified. Format: YYYY-MM-DDThh:mm:ss:ffffffZ Example: 2022-06-30T20:42:09.330793Z The above value represents June 30th, 2022 at 8:42 p.m. UTC. For more information on date/time format, please refer to Report Date/Time Format.
id	String	Identifies the current version of the Rate Limiting configuration by a system-defined alphanumeric ID. Example: 12345678-90ab-cdef-ghij-klmnopqrstuvwxyz1
name	String	Indicates the name assigned to the Rate Limiting configuration.
tuples	Array	Contains a list of rules.
dimensions	Array	tuples array Indicates the method by which the current rule groups requests. Rate limiting is applied to grouped requests. Valid values are: [Blank]: A blank value indicates that all requests are treated as a single group for the purpose of rate limiting. IP: Indicates that requests will be grouped by IP address. Each unique IP address is considered a separate group. User_Agent: Indicates that requests will be grouped by a client's user agent. Each unique combination of IP address and user agent is considered a separate group. A list of valid values is returned by the Get Available Group Types endpoint.
disabled	Boolean	tuples array Indicates whether a rule will be enforced. Valid values are: true: Disabled. This rule will not be used to rate limit site traffic. false: Enabled. Traffic is being restricted according to the policy defined in the rule.
duration_sec	Integer	tuples array Indicates the length, in seconds, of the rolling window that tracks the number of requests eligible for rate limiting. The rate limit formula is calculated through the limit and duration_sec response parameters as indicated below. limit requests per duration_sec Valid values are: 1 \| 5 \| 10 \| 30 \| 60 \| 120 \| 300
enforcements	Array	tuples array Contains settings that define the action that will take place upon a request that has exceeded the rate limit.
duration_sec	Integer	tuples array > enforcements array Indicates the length of time, in seconds, that the action defined within the enforcements array will be applied to a client that violates the rate limit defined by this rule. Valid values are: 10 \| 60 \| 300
id	String	tuples array > enforcements array Indicates the system-defined alphanumeric ID assigned to the rate limiting action. Example: 12345678-90ab-cdef-ghij-klmnopqrstuvwxyz1
name	String	tuples array > enforcements array Indicates the name assigned to the rate limiting action.
response_body_base64	String	tuples array > enforcements array Custom Response Only This parameter is only relevant when this instance is configured to send a custom response (i.e., custom-response action) for rate limited requests. Indicates the response body that will be sent to rate limited requests. This value is Base64 encoded.
response_headers	Object	tuples array > enforcements array Custom Response Only This parameter is only relevant when this instance is configured to send a custom response (i.e., custom-response action) for rate limited requests. Contains the set of response headers that will be included in the response sent to rate limited requests.
ResponseHeader	String	tuples array > enforcements array > response_headers object Custom Response Only This parameter is only relevant when this instance is configured to send a custom response (i.e., custom-response action) for rate limited requests. Describes a response header by its name and value. This response header will be included in the response sent to rate limited requests. Format: "NameIdentifies a custom response header by its name." : "ValueIdentifies the value assigned to a custom response header." Example: "My Header" : "Value 1"
status	Integer	tuples array > enforcements array Custom Response Only This parameter is only relevant when this instance is configured to send a custom response (i.e., custom-response action) for rate limited requests. Indicates the HTTP status code (e.g., 404) for the custom response sent to rate limited requests.
type	String	tuples array > enforcements array Indicates the type of action that will be applied to rate limited requests. Valid values are: custom-response: A custom HTTP response will be sent to rate limited responses. drop-request: Rate limited requests will be dropped. redirect-302: Rate limited requests will be redirected via a 302 Found. nop: Rate limited requests will only generate an alert. Use the Get Available Action Types endpoint to retrieve a list of the available action types.
url	String	tuples array > enforcements array Redirect Only This parameter is only relevant when this instance is configured to redirect rate limited requests. Indicates the URL to which rate limited requests will be redirected.
id	String	tuples array Indicates the system-defined alphanumeric ID for the current rule. Example: 12345678-90ab-cdef-ghij-klmnopqrstuvwxyz1
limit	Integer	tuples array Indicates the rate limit value. This value identifies the number of requests that will trigger rate limiting. The rate limit formula is calculated through the limit and duration_sec response parameters as indicated below. limit requests per duration_sec
name	String	tuples array Indicates the name of the rule.
rules	Array	tuples array Contains the set of condition groups associated with a rule.
chained_rule	Array	tuples array > rules array Contains a list of match conditions. If a condition group only contains a single match condition, then this response parameter will be empty. The first match condition in a condition group will not be included under this response parameter. It is always reported under the operator response parameter. This response parameter contains all other match conditions associated with the current condition group.
id	String	tuples array > rules array > chained_rule array Identifies a rate limiting match condition by its system-defined alphanumeric ID. Example: 12345678-90ab-cdef-ghij-klmnopqrstuvwxyz1
operator	Object	tuples array > rules array > chained_rule array Contains the properties of a match condition. The type of match condition is reported under the variable response parameter.
is_negated	Boolean	tuples array > rules array > chained_rule array > operator object Indicates whether this match condition will be satisfied when the requestThe attribute (e.g., hostname, URL path, IP address, etc.) of the request that will be compared is determined by the variable array. matches or does not match the value defined by the values parameter. Valid values are: True: Does not match False: Matches
type	String	tuples array > rules array > chained_rule array > operator object Indicates how the system will interpret the case-sensitive comparison between the requestThe attribute (e.g., hostname, URL path, IP address, etc.) of the request that will be compared is determined by the variable array. and the values parameter. Learn more about match types. Valid values: EM: Requires that the request's attribute be set to one of the value(s) defined in the values parameter. IPMATCH: Requires that the request's IP address be an exact match to one of the value(s) defined in the values parameter. Only use this match type with the REMOTE_ADDR match condition. A list of valid values is returned by the Get Available Match Comparison Type endpoint. View legacy match types. The following match types have undergone end-of-life and should not be used: STREQ: Requires that the request's attribute be set to the value defined in the value parameter. PM: Requires that the request's attribute contain one of the values defined in the values parameter.
value Deprecated	String	tuples array > rules array > chained_rule array > operator object Identifies a value that will be used to identify requests that are eligible for rate limiting. This response parameter has undergone end-of-life. Values are now reported in the values array.
values	Array	tuples array > rules array > chained_rule array > operator object Identifies one or more values used to identify requests that are eligible for rate limiting.
variable	Array	tuples array > rules array > chained_rule array Describes the type of match condition.
match	Array	tuples array > rules array > chained_rule array > variable array Identifies the subcategory associated with a match condition.
value	String	tuples array > rules array > chained_rule array > variable array > match array Indicates the match condition's subcategory (e.g., User-Agent). Valid values are reported by the value element of the valid_values array returned by the Get Available Match Condition Types endpoint.
type	String	tuples array > rules array > chained_rule array > variable array Indicates the type of match condition (e.g., REQUEST_HEADERS). Valid values are reported by the type parameter in the Get Available Match Condition Types endpoint.
id	String	tuples array > rules array Indicates the system-defined alphanumeric ID of a condition group. Example: 12345678-90ab-cdef-ghij-klmnopqrstuvwxyz1
name	String	tuples array > rules array Indicates the name of a condition group.
operator	Object	tuples array > rules array Contains the first match condition associated with a condition group. The type of match condition is reported under the variable response parameter.
is_negated	Boolean	tuples array > rules array > operator object Indicates whether this match condition will be satisfied when the requestThe attribute (e.g., hostname, URL path, IP address, etc.) of the request that will be compared is determined by the variable array. matches or does not match the value defined by the values parameter. Valid values are: True: Does not match False: Matches
type	String	tuples array > rules array > operator object Indicates how the system will interpret the case-sensitive comparison between the requestThe attribute (e.g., hostname, URL path, IP address, etc.) of the request that will be compared is determined by the variable array. and the values parameter. Learn more about match types. Valid values: EM: Requires that the request's attribute be set to one of the value(s) defined in the values parameter. IPMATCH: Requires that the request's IP address be an exact match to one of the value(s) defined in the values parameter. Only use this match type with the REMOTE_ADDR match condition. A list of valid values is returned by the Get Available Match Comparison Type endpoint. View legacy match types. The following match types have undergone end-of-life and should not be used: STREQ: Requires that the request's attribute be set to the value defined in the value parameter. PM: Requires that the request's attribute contain one of the values defined in the values parameter.
value Deprecated	String	tuples array > rules array > operator object Identifies a value that will be used to identify requests that are eligible for rate limiting. This response parameter has undergone end-of-life. Values are now reported in the values array.
values	Array	tuples array > rules array > operator object Identifies one or more values used to identify requests that are eligible for rate limiting.
variable	Array	tuples array > rules array Describes the type of match condition.
match	Array	tuples array > rules array > variable array Identifies the subcategory associated with a match condition.
value	String	tuples array > rules array > variable array > match array Indicates the match condition's subcategory (e.g., User-Agent). Valid values are reported by the value element of the valid_values array returned by the Get Available Match Condition Types endpoint.
type	String	tuples array > rules array > variable array Indicates the type of match condition (e.g., REQUEST_HEADERS). Valid values are reported by the type parameter in the Get Available Match Condition Types endpoint.
scope	Object	tuples array Contains the scope for the current rule.
host	Object	tuples array > scope object Contains hostname criteria that defines the set of requests eligible for rate limiting by the current rule.
is_negated	Boolean	tuples array > scope object > host object Indicates whether this scope condition will be satisfied when the host defined in the request URL matches or does not match the value defined by the value\|values parameter. Valid values are: True: Does not match False: Matches
type	String	tuples array > scope object > host object Indicates how the system will interpret the comparison between the request's hostname and the value defined within the value\|values parameter. Learn more about match types. Valid values: EM: Indicates that request's hostname must be an exact match to one of the case-sensitive values specified in the values parameter. GLOB: Indicates that the request's hostname must be an exact match to the wildcard pattern defined in the value parameter. REGEX: Indicates that the request's hostname must be an exact match to the regular expression defined in the value parameter. Apply this rate limit across all hostnames by setting this parameter to "GLOB" and setting the value parameter to "*." This type of configuration is also known as "Default." View legacy match types. The following match type has undergone end-of-life and should not be used: PM: Requires that the request's attribute contain one of the values defined in the values parameter.
value	String	tuples array > scope object > host object Identifies a value that will be used to identify requests that are eligible for rate limiting. This response parameter is only included in the response when the type response parameter is set to one of the following values: GLOB or REGEX.
values	Array String values	tuples array > scope object > host object Identifies one or more values used to identify requests that are eligible for rate limiting. This response parameter is only included in the response when the type response parameter is set to "EM."
path	Object	tuples array > scope object Contains URL path criteria that defines the set of requests eligible for rate limiting by the current rule.
is_negated	Boolean	tuples array > scope object > path object Indicates whether this scope condition will be satisfied when the request's URL path matches or does not match the value defined by the value\|values parameter. Valid values are: True: Does not match False: Matches
type	String	tuples array > scope object > path object Indicates how the system will interpret the comparison between the request's URL path and the value defined within the value\|values parameter. Learn more about match types. Valid values: EM: Indicates that request's URL path must be an exact match to one of the case-sensitive values specified in the values parameter. GLOB: Indicates that the request's URL path must be an exact match to the wildcard pattern defined in the value parameter. REGEX: Indicates that the request's URL path must be an exact match to the regular expression defined in the value parameter. Apply this rate limit across all request URLs by setting this parameter to "GLOB" and setting the value parameter to "*." This type of configuration is also known as "Default." View legacy match types. The following match type has undergone end-of-life and should not be used: PM: Requires that the request's attribute contain one of the values defined in the values parameter.
value	String	tuples array > scope object > path object Identifies a value that will be used to identify requests that are eligible for rate limiting. This response parameter is only included in the response when the type response parameter is set to one of the following values: GLOB or REGEX.
values	Array String values	tuples array > scope object > path object Identifies one or more values used to identify requests that are eligible for rate limiting. This response parameter is only included in the response when the type response parameter is set to "EM."
type	String	This response parameter always returns "ddos-coordinator."

Errors

The response body for an unsuccessful request will contain an error response that provides additional information.

View common error messages.

Sample Request and Response

A sample JSON request is shown below.

GET https://api.transactcdn.com/v2/mcc/customers/0001/defend/rate_limiting/config HTTP/1.1

Authorization: TOK:12345678-1234-1234-1234-1234567890ab

Accept: application/json

Content-Type: application/json

Host:api.transactcdn.com

A sample JSON response is shown below.

HTTP/1.1 200 OK

Cache-Control: private

Content-Type: application/json; charset=utf-8

Date: Thu, 15 Apr 2021 12:00:00 GMT

Content-Length: 1212

{
	"customer_id": "0001",
	"enabled_date": "2018-03-31T00:16:16.113092Z",
	"id": "e0fa44b4-ede1-4056-8bfe-5daa481a26c10001",
	"name": "name",
	"tuples": [{
			"dimensions": [
				"IP"
			],
			"disabled": false,
			"duration_sec": 300,
			"enforcements": [{
					"duration_sec": 10,
					"id": "dc0f41e9-8e6d-4b7d-b6f5-eef0f840e7cc0001",
					"name": "Rate Limiting Action",
					"type": "redirect-302",
					"url": "http://sec.example.com/unavailable.html"
				}
			],
			"id": "4bb1fd9e-1de9-4790-beab-a6fd64d8d3720001",
			"limit": 500,
			"name": "Rate Limiting Rule",
			"rules": [{
					"chained_rule": [],
					"id": "f46afe95-98a8-4e9e-9b2b-db7d5c565b8718786",
					"name": "Condition Group",
					"operator": {
						"is_negated": false,
						"type": "EM",
						"values": [
							"http://cdn.example.com/index.php"
						]						
					},
					"variable": [{
							"type": "REQUEST_URI"
						}
					]
				}
			]
			"scope": {
				"host": {
					"is_negated": false,
					"type": "EM",
					"values": [
						"www.example.com"
					]
				},
				"path": {
					"is_negated": false,
					"type": "GLOB",
					"value": "*"
				}
			}
		}
	],
	"type": "ddos-coordinator"
}