Get Access Rule (ACL)

WAF Insights does not support automation via our REST API web service. If you are currently using WAF Insights, upgrade your WAF solution to take advantage of our REST API.

Retrieves an access rule that identifies valid or malicious requests via whitelists, accesslists, and blacklists.

Learn more.

Request

A request to retrieve an access rule is described below.

HTTP Method	Request URI
GET	https://api.transactcdn.com/v2/mcc/customers/AccountNumber/waf/v1.0/acl/Access Rule ID

Define the following variables when submitting the above request:

VariableA variable represents a value that must be replaced. A variable consists of either a URL segment (e.g., "0001" in /0001/) or a query string value (e.g., "3" in mediaTypes=3).	Description
AccountNumber Required	Replace this variable with a customer account number. This account number may be found in the upper left-hand corner of the TCC.
Access Rule ID Required	Replace this variable with the system-defined ID for the desired access rule. Use the Get All Access Rules (ACLs) endpoint to retrieve a list of access rules and their system-defined IDs

Description

AccountNumber

Required

Replace this variable with a customer account number. This account number may be found in the upper left-hand corner of the TCC.

Access Rule ID

Required

Replace this variable with the system-defined ID for the desired access rule.

Use the Get All Access Rules (ACLs) endpoint to retrieve a list of access rules and their system-defined IDs

Request Headers

This endpointIdentifies a request's connection point to our REST API service. only takes advantage of common request headers.

Request Body

Request body parameters are not required by this endpoint.

Response

The response to the above request includes an HTTP status code, response headers, and a response body.

Status Code

A status code indicates whether the request was successfully performed.

Response Headers

The response for this endpoint only includes standard HTTP response headers.

View common response headers.

Response Body

The response body for a successful request contains the following response elements for each access rule:

Name	Data Type	Description
allowed_http_methods	Array String values	Identifies each allowed HTTP method (e.g., GET).
allowed_request_content_types	Array String values	Identifies each allowed media type (e.g., application\/json).
asn	Object	Contains access controls for autonomous system numbers (ASNs).
cookie	Object	Contains access controls for cookie names. All cookies defined within a whitelist, accesslist, or blacklist are regular expressions.
country	Object	Contains access controls for countries. Specify each desired country using its country code. Learn more.
customer_id	String	Identifies your account by its customer account number.
disallowed_extensions	Array String values	Indicates each file extension for which WAF will send an alert or block the request.
disallowed_headers	Array String values	Indicates each request header for which WAF will send an alert or block the request.
id	String	Indicates the system-defined ID for this access rule.
ip	Object	Contains access controls for IPv4 and/or IPv6 addresses. Specify each desired IP address using standard IPv4/IPv6 and CIDR notation.
last_modified_by	String	Reserved for future use.
last_modified_date	String	Indicates the timestamp at which this access rule was last modified. Syntax: YYYY-MM-DDThh:mm:ss:ffffffZ Learn more.
max_file_size	Integer	Indicates the maximum file size, in bytes, for a POST request body.
name	String	Indicates the name assigned to this access rule.
referer	Object	Contains access controls for referrers. All referrers defined within a whitelist, accesslist, or blacklist are regular expressions.
response_header_name	String	Indicates the name of the response header that will be included with blocked requests.
url	Object	Contains access controls for URL paths. All URL paths defined within a whitelist, accesslist, or blacklist are regular expressions.
user_agent	Object	Contains access controls for user agents. All user agents defined within a whitelist, accesslist, or blacklist are regular expressions.
version	String	Reserved for future use.

ACL Type Object

The asn, cookie, country, ip, referer, url, and user_agent objects contain the following properties:

Name	Data Type	Description
accesslist	Array String / integer values	Contains entries that identify traffic that may access your content upon passing a threat assessment. ASN access controls are integer values. All other access controls are string values.
blacklist	Array String / integer values	Contains entries that identify traffic that will be blocked or for which an alert will be generated. ASN access controls are integer values. All other access controls are string values.
whitelist	Array String / integer values	Contains entries that identify traffic that may access your content without undergoing threat assessment. ASN access controls are integer values. All other access controls are string values.

Name

Data Type

Description

accesslist

Array

String / integer values

Contains entries that identify traffic that may access your content upon passing a threat assessment.

ASN access controls are integer values. All other access controls are string values.

blacklist

Array

String / integer values

Contains entries that identify traffic that will be blocked or for which an alert will be generated.

ASN access controls are integer values. All other access controls are string values.

whitelist

Array

String / integer values

Contains entries that identify traffic that may access your content without undergoing threat assessment.

ASN access controls are integer values. All other access controls are string values.

All entries within a cookie, referrer, URL, or user agent whitelist, accesslist, or blacklist are regular expressions.

Errors

The response body for an unsuccessful request may contain an error element that provides additional information.

View common error messages.

Sample Request and Response (JSON)

A sample JSON request is shown below.

GET https://api.transactcdn.com/v2/mcc/customers/0001/waf/v1.0/acl/CGifudum HTTP/1.1

Authorization: TOK:12345678-1234-1234-1234-1234567890ab

Accept: application/json

Content-Type: application/json

Host: api.transactcdn.com

A sample JSON response is shown below.

HTTP/1.1 200 OK

Cache-Control: private

Content-Type: application/json; charset=utf-8

Date: Thu, 15 Apr 2021 12:00:00 GMT

Content-Length: 1400

{
	"allowed_http_versions": [
		"HTTP/1.0",
		"HTTP/1.1",
		"HTTP/2.0"
	],
	"asn": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"cookie": {
		"blacklist": [
			"bot"
		],
		"whitelist": [
			"trusted"
		]
	},
	"country": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"customer_id": "0001",
	"disallowed_extensions": [
		".asa",
		".asax",
		".ascx",
		".axd",
		".backup",
		".bak",
		".bat",
		".cdx",
		".cer",
		".cfg",
		".cmd",
		".com",
		".config",
		".conf",
		".cs",
		".csproj",
		".csr",
		".dat",
		".db",
		".dbf",
		".dll",
		".dos",
		".htr",
		".htw",
		".ida",
		".idc",
		".idq",
		".inc",
		".ini",
		".key",
		".licx",
		".lnk",
		".log",
		".mdb",
		".old",
		".pass",
		".pdb",
		".pol",
		".printer",
		".pwd",
		".resources",
		".resx",
		".sql",
		".sys",
		".vb",
		".vbs",
		".vbproj",
		".vsdisco",
		".webinfo",
		".xsd",
		".xsx/"
	],
	"id": "CGifudum",
	"ip": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"last_modified_date": "2020-06-03T23:02:22.803847Z",
	"name": "ACL configuration",
	"referer": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"url": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	},
	"user_agent": {
		"accesslist": [],
		"blacklist": [],
		"whitelist": []
	}
}