Skip to main content
POST
/
waap
/
v1
/
domains
/
{domain_id}
/
advanced-rules
Python
import os
from gcore import Gcore

client = Gcore(
    api_key=os.environ.get("GCORE_API_KEY"),  # This is the default and can be omitted
)
waap_advanced_rule = client.waap.domains.advanced_rules.create(
    domain_id=1,
    action={},
    enabled=True,
    name="Block foobar bot",
    source="request.rate_limit([], '.*events', 5, 200, [], [], '', 'ip') and not ('mb-web-ui' in request.headers['Cookie'] or 'mb-mobile-ios' in request.headers['Cookie'] or 'session-token' in request.headers['Cookie']) and not request.headers['session']",
)
print(waap_advanced_rule.id)
{
  "name": "<string>",
  "enabled": true,
  "action": {
    "allow": {},
    "block": {
      "status_code": 403,
      "action_duration": "<string>"
    },
    "captcha": {},
    "handshake": {},
    "monitor": {},
    "tag": {
      "tags": [
        "<string>"
      ]
    }
  },
  "source": "<string>",
  "id": 123,
  "description": "<string>",
  "phase": "access"
}

Authorizations

Authorization
string
header
required

API key for authentication. Make sure to include the word apikey, followed by a single space and then your token. Example: apikey 1234$abcdef

Path Parameters

domain_id
integer
required

The domain ID The domain ID

Body

application/json

A request to create a new advanced rule

name
string
required

The name assigned to the rule

Required string length: 1 - 100
enabled
boolean
required

Whether or not the rule is enabled

action
CustomerRuleAction · object
required

The action that the rule takes when triggered. Only one action can be set per rule.

source
string
required

A CEL syntax expression that contains the rule's conditions. Allowed objects are: request, whois, session, response, tags, user_defined_tags, user_agent, client_data.

More info can be found here: https://gcore.com/docs/waap/waap-rules/advanced-rules

Minimum string length: 1
description
string

The description assigned to the rule

Maximum string length: 100
phase
enum<string> | null
default:access

The WAAP request/response phase for applying the rule. Default is "access".

The "access" phase is responsible for modifying the request before it is sent to the origin server.

The "header_filter" phase is responsible for modifying the HTTP headers of a response before they are sent back to the client.

The "body_filter" phase is responsible for modifying the body of a response before it is sent back to the client.

Available options:
access,
header_filter,
body_filter

Response

Successful Response

An advanced WAAP rule applied to a domain

name
string
required

The name assigned to the rule

Required string length: 1 - 100
enabled
boolean
required

Whether or not the rule is enabled

action
CustomerRuleAction · object
required

The action that the rule takes when triggered. Only one action can be set per rule.

source
string
required

A CEL syntax expression that contains the rule's conditions. Allowed objects are: request, whois, session, response, tags, user_defined_tags, user_agent, client_data.

More info can be found here: https://gcore.com/docs/waap/waap-rules/advanced-rules

Minimum string length: 1
id
integer
required

The unique identifier for the rule

description
string

The description assigned to the rule

Maximum string length: 100
phase
enum<string> | null
default:access

The WAAP request/response phase for applying the rule. Default is "access".

The "access" phase is responsible for modifying the request before it is sent to the origin server.

The "header_filter" phase is responsible for modifying the HTTP headers of a response before they are sent back to the client.

The "body_filter" phase is responsible for modifying the body of a response before it is sent back to the client.

Available options:
access,
header_filter,
body_filter