Create an advanced rule

Python

from gcore import Gcore

client = Gcore(
    api_key="My API Key",
)
waap_advanced_rule = client.waap.domains.advanced_rules.create(
    domain_id=1,
    action={},
    enabled=True,
    name="Block foobar bot",
    source="request.rate_limit([], '.*events', 5, 200, [], [], '', 'ip') and not ('mb-web-ui' in request.headers['Cookie'] or 'mb-mobile-ios' in request.headers['Cookie'] or 'session-token' in request.headers['Cookie']) and not request.headers['session']",
)
print(waap_advanced_rule.id)

{
  "name": "Block foobar bot",
  "description": "<string>",
  "enabled": true,
  "action": {
    "allow": {},
    "block": {
      "status_code": 403,
      "action_duration": "12h"
    },
    "captcha": {},
    "handshake": {},
    "monitor": {},
    "tag": {
      "tags": [
        "<string>"
      ]
    }
  },
  "source": "request.rate_limit([], '.*events', 5, 200, [], [], '', 'ip') and not ('mb-web-ui' in request.headers['Cookie'] or 'mb-mobile-ios' in request.headers['Cookie'] or 'session-token' in request.headers['Cookie']) and not request.headers['session']",
  "phase": "access",
  "id": 123
}

POST

waap

domains

{domain_id}

advanced-rules

Python

from gcore import Gcore

client = Gcore(
    api_key="My API Key",
)
waap_advanced_rule = client.waap.domains.advanced_rules.create(
    domain_id=1,
    action={},
    enabled=True,
    name="Block foobar bot",
    source="request.rate_limit([], '.*events', 5, 200, [], [], '', 'ip') and not ('mb-web-ui' in request.headers['Cookie'] or 'mb-mobile-ios' in request.headers['Cookie'] or 'session-token' in request.headers['Cookie']) and not request.headers['session']",
)
print(waap_advanced_rule.id)

{
  "name": "Block foobar bot",
  "description": "<string>",
  "enabled": true,
  "action": {
    "allow": {},
    "block": {
      "status_code": 403,
      "action_duration": "12h"
    },
    "captcha": {},
    "handshake": {},
    "monitor": {},
    "tag": {
      "tags": [
        "<string>"
      ]
    }
  },
  "source": "request.rate_limit([], '.*events', 5, 200, [], [], '', 'ip') and not ('mb-web-ui' in request.headers['Cookie'] or 'mb-mobile-ios' in request.headers['Cookie'] or 'session-token' in request.headers['Cookie']) and not request.headers['session']",
  "phase": "access",
  "id": 123
}

Authorizations

Authorization

string

header

required

API key for authentication. Make sure to include the word apikey, followed by a single space and then your token. Example: apikey 1234$abcdef

Path Parameters

domain_id

integer

required

The domain ID

Required range: x > 0

Body

application/json

A request to create a new advanced rule

name

string

required

The name assigned to the rule

Required string length: 1 - 100

Examples:

"Block foobar bot"

enabled

boolean

required

Whether or not the rule is enabled

action

object

required

The action that the rule takes when triggered. Only one action can be set per rule.

Show child attributes

source

string

required

A CEL syntax expression that contains the rule's conditions. Allowed objects are: request, whois, session, response, tags, user_defined_tags, user_agent, client_data.

More info can be found here: https://gcore.com/docs/waap/waap-rules/advanced-rules

Minimum length: 1

Examples:

"request.rate_limit([], '.*events', 5, 200, [], [], '', 'ip') and not ('mb-web-ui' in request.headers['Cookie'] or 'mb-mobile-ios' in request.headers['Cookie'] or 'session-token' in request.headers['Cookie']) and not request.headers['session']"

description

string

The description assigned to the rule

Maximum length: 100

phase

enum<string> | null

default:access

The WAAP request/response phase for applying the rule. Default is "access".

The "access" phase is responsible for modifying the request before it is sent to the origin server.

The "header_filter" phase is responsible for modifying the HTTP headers of a response before they are sent back to the client.

The "body_filter" phase is responsible for modifying the body of a response before it is sent back to the client.

Available options:

access,

header_filter,

body_filter

Response

Successful Response

An advanced WAAP rule applied to a domain

name

string

required

The name assigned to the rule

Required string length: 1 - 100

Examples:

"Block foobar bot"

enabled

boolean

required

Whether or not the rule is enabled

action

object

required

The action that the rule takes when triggered. Only one action can be set per rule.

Show child attributes

source

string

required

A CEL syntax expression that contains the rule's conditions. Allowed objects are: request, whois, session, response, tags, user_defined_tags, user_agent, client_data.

More info can be found here: https://gcore.com/docs/waap/waap-rules/advanced-rules

Minimum length: 1

Examples:

integer

required

The unique identifier for the rule

description

string

The description assigned to the rule

Maximum length: 100

phase

enum<string> | null

default:access

The WAAP request/response phase for applying the rule. Default is "access".

The "access" phase is responsible for modifying the request before it is sent to the origin server.

The "header_filter" phase is responsible for modifying the HTTP headers of a response before they are sent back to the client.

The "body_filter" phase is responsible for modifying the body of a response before it is sent back to the client.

Available options:

access,

header_filter,

body_filter

Retrieve advanced rules Retrieve a specific advanced rule

Overview

IAM

CDN

Managed DNS

Cloud

DDoS Protection

FastEdge

WAAP

Streaming

Object Storage

Resellers

Create an advanced rule

Authorizations

Path Parameters

Body

Response