Overview
IAM
CDN
Managed DNS
Cloud
DDoS Protection
FastEdge
WAAP
Streaming
Object Storage
Resellers
import os
from gcore import Gcore
client = Gcore(
api_key=os.environ.get("GCORE_API_KEY"), # This is the default and can be omitted
)
waap_custom_rule = client.waap.domains.custom_rules.create(
domain_id=1,
action={},
conditions=[{}],
enabled=True,
name="Block foobar bot",
)
print(waap_custom_rule.id){
"name": "<string>",
"enabled": true,
"action": {
"allow": {},
"block": {
"status_code": 403,
"action_duration": "<string>"
},
"captcha": {},
"handshake": {},
"monitor": {},
"tag": {
"tags": [
"<string>"
]
}
},
"conditions": [
{
"ip": {
"ip_address": "<string>",
"negation": false
},
"ip_range": {
"lower_bound": "<string>",
"upper_bound": "<string>",
"negation": false
},
"url": {
"url": "<string>",
"negation": false,
"match_type": "Contains"
},
"user_agent": {
"user_agent": "<string>",
"negation": false,
"match_type": "Contains"
},
"header": {
"header": "<string>",
"value": "<string>",
"negation": false,
"match_type": "Contains"
},
"header_exists": {
"header": "<string>",
"negation": false
},
"response_header": {
"header": "<string>",
"value": "<string>",
"negation": false,
"match_type": "Contains"
},
"response_header_exists": {
"header": "<string>",
"negation": false
},
"http_method": {
"http_method": "CONNECT",
"negation": false
},
"file_extension": {
"file_extension": [
"<string>"
],
"negation": false
},
"content_type": {
"content_type": [
"<string>"
],
"negation": false
},
"country": {
"country_code": [
"<string>"
],
"negation": false
},
"organization": {
"organization": "<string>",
"negation": false
},
"request_rate": {
"path_pattern": "<string>",
"requests": 21,
"time": 1800,
"ips": [
"<string>"
],
"http_methods": [
"CONNECT"
],
"user_defined_tag": "<string>"
},
"owner_types": {
"negation": false,
"owner_types": [
"COMMERCIAL"
]
},
"tags": {
"tags": [
"<string>"
],
"negation": false
},
"session_request_count": {
"request_count": 123,
"negation": false
},
"user_defined_tags": {
"tags": [
"<string>"
],
"negation": false
}
}
],
"id": 123,
"description": "<string>"
}Create a custom rule
import os
from gcore import Gcore
client = Gcore(
api_key=os.environ.get("GCORE_API_KEY"), # This is the default and can be omitted
)
waap_custom_rule = client.waap.domains.custom_rules.create(
domain_id=1,
action={},
conditions=[{}],
enabled=True,
name="Block foobar bot",
)
print(waap_custom_rule.id){
"name": "<string>",
"enabled": true,
"action": {
"allow": {},
"block": {
"status_code": 403,
"action_duration": "<string>"
},
"captcha": {},
"handshake": {},
"monitor": {},
"tag": {
"tags": [
"<string>"
]
}
},
"conditions": [
{
"ip": {
"ip_address": "<string>",
"negation": false
},
"ip_range": {
"lower_bound": "<string>",
"upper_bound": "<string>",
"negation": false
},
"url": {
"url": "<string>",
"negation": false,
"match_type": "Contains"
},
"user_agent": {
"user_agent": "<string>",
"negation": false,
"match_type": "Contains"
},
"header": {
"header": "<string>",
"value": "<string>",
"negation": false,
"match_type": "Contains"
},
"header_exists": {
"header": "<string>",
"negation": false
},
"response_header": {
"header": "<string>",
"value": "<string>",
"negation": false,
"match_type": "Contains"
},
"response_header_exists": {
"header": "<string>",
"negation": false
},
"http_method": {
"http_method": "CONNECT",
"negation": false
},
"file_extension": {
"file_extension": [
"<string>"
],
"negation": false
},
"content_type": {
"content_type": [
"<string>"
],
"negation": false
},
"country": {
"country_code": [
"<string>"
],
"negation": false
},
"organization": {
"organization": "<string>",
"negation": false
},
"request_rate": {
"path_pattern": "<string>",
"requests": 21,
"time": 1800,
"ips": [
"<string>"
],
"http_methods": [
"CONNECT"
],
"user_defined_tag": "<string>"
},
"owner_types": {
"negation": false,
"owner_types": [
"COMMERCIAL"
]
},
"tags": {
"tags": [
"<string>"
],
"negation": false
},
"session_request_count": {
"request_count": 123,
"negation": false
},
"user_defined_tags": {
"tags": [
"<string>"
],
"negation": false
}
}
],
"id": 123,
"description": "<string>"
}Authorizations
API key for authentication. Make sure to include the word apikey, followed by a single space and then your token.
Example: apikey 1234$abcdef
Path Parameters
The domain ID The domain ID
Body
A request to create a new WAAP rule
The name assigned to the rule
1 - 100Whether or not the rule is enabled
The action that the rule takes when triggered. Only one action can be set per rule.
Show child attributes
Show child attributes
The WAAP allowed the request
WAAP block action behavior could be configured with response status code and action duration.
Show child attributes
Show child attributes
A custom HTTP status code that the WAAP returns if a rule blocks a request
403, 405, 418, 429 How long a rule's block action will apply to subsequent requests. Can be specified in seconds or by using a numeral followed by 's', 'm', 'h', or 'd' to represent time format (seconds, minutes, hours, or days). Empty time intervals are not allowed.
1 - 10The WAAP presented the user with a captcha
The WAAP performed automatic browser validation
The WAAP monitored the request but took no action
The conditions required for the WAAP engine to trigger the rule. Rules may have between 1 and 5 conditions. All conditions must pass for the rule to trigger
1 - 5 elementsShow child attributes
Show child attributes
Match the incoming request against an IP range
Show child attributes
Show child attributes
The lower bound IPv4 or IPv6 address to match against
The upper bound IPv4 or IPv6 address to match against
Whether or not to apply a boolean NOT operation to the rule's condition
Match the incoming request URL
Show child attributes
Show child attributes
The pattern to match against the request URL.
Constraints depend on match_type:
- Exact/Contains: plain text matching (e.g.,
/admin, must comply with^[\w!\$~:#\[\]@\(\)*\+,=\/\-\.\%]+$). - Regex: a valid regular expression (e.g.,
^/upload(/\d+)?/\w+). Lookahead/lookbehind constructs are forbidden.
1 - 100Whether or not to apply a boolean NOT operation to the rule's condition
The type of matching condition.
Exact, Contains, Regex Match the user agent making the request
Show child attributes
Show child attributes
The user agent value to match
300Whether or not to apply a boolean NOT operation to the rule's condition
The type of matching condition.
Exact, Contains Match an incoming request header
Show child attributes
Show child attributes
The request header name
1 - 50The request header value
100Whether or not to apply a boolean NOT operation to the rule's condition
The type of matching condition for header and value.
Exact, Contains Match a response header
Show child attributes
Show child attributes
The response header name
1 - 50The response header value
100Whether or not to apply a boolean NOT operation to the rule's condition
The type of matching condition for header and value.
Exact, Contains Match when a response header is present
Match the incoming HTTP method
Show child attributes
Show child attributes
Match the incoming file extension
Show child attributes
Show child attributes
The list of file extensions to match against
1 - 20 elementsA file extension without the leading dot
1 - 10Whether or not to apply a boolean NOT operation to the rule's condition
Match the requested Content-Type
Show child attributes
Show child attributes
The list of content types to match against
1 - 10 elementsIndividual MIME type to match
1 - 50Whether or not to apply a boolean NOT operation to the rule's condition
Match the country that the request originated from
Show child attributes
Show child attributes
Match the organization the request originated from, as determined by a WHOIS lookup of the requesting IP
Match the rate at which requests come in that match certain conditions
Show child attributes
Show child attributes
A regular expression matching the URL path of the incoming request
1 - 50The number of incoming requests over the given time that can trigger a request rate condition
x >= 20The number of seconds that the WAAP measures incoming requests over before triggering a request rate condition
1 <= x <= 3600A list of source IPs that can trigger a request rate condition
10Possible HTTP request methods that can trigger a request rate condition
HTTP methods and descriptions
Methods from the following RFCs are all observed:
- RFC 7231: Hypertext Transfer Protocol (HTTP/1.1), obsoletes 2616
- RFC 5789: PATCH Method for HTTP
CONNECT, DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT, TRACE A user-defined tag that can be included in incoming requests and used to trigger a request rate condition
1 - 50Match the type of organization that owns the IP address making an incoming request
Show child attributes
Show child attributes
Whether or not to apply a boolean NOT operation to the rule's condition
Match the type of organization that owns the IP address making an incoming request
1COMMERCIAL, EDUCATIONAL, GOVERNMENT, HOSTING_SERVICES, ISP, MOBILE_NETWORK, NETWORK, RESERVED Match the number of dynamic page requests made in a WAAP session
Matches requests based on user-defined tags
Show child attributes
Show child attributes
A list of user-defined tags to match against the request tags
1 - 10 elementsA user-defined tag assigned to the request
1 - 50Whether or not to apply a boolean NOT operation to the rule's condition
The description assigned to the rule
100Response
Successful Response
An WAAP rule applied to a domain
The name assigned to the rule
1 - 100Whether or not the rule is enabled
The action that the rule takes when triggered. Only one action can be set per rule.
Show child attributes
Show child attributes
The WAAP allowed the request
WAAP block action behavior could be configured with response status code and action duration.
Show child attributes
Show child attributes
A custom HTTP status code that the WAAP returns if a rule blocks a request
403, 405, 418, 429 How long a rule's block action will apply to subsequent requests. Can be specified in seconds or by using a numeral followed by 's', 'm', 'h', or 'd' to represent time format (seconds, minutes, hours, or days). Empty time intervals are not allowed.
1 - 10The WAAP presented the user with a captcha
The WAAP performed automatic browser validation
The WAAP monitored the request but took no action
The conditions required for the WAAP engine to trigger the rule. Rules may have between 1 and 5 conditions. All conditions must pass for the rule to trigger
1 - 5 elementsShow child attributes
Show child attributes
Match the incoming request against an IP range
Show child attributes
Show child attributes
The lower bound IPv4 or IPv6 address to match against
The upper bound IPv4 or IPv6 address to match against
Whether or not to apply a boolean NOT operation to the rule's condition
Match the incoming request URL
Show child attributes
Show child attributes
The pattern to match against the request URL.
Constraints depend on match_type:
- Exact/Contains: plain text matching (e.g.,
/admin, must comply with^[\w!\$~:#\[\]@\(\)*\+,=\/\-\.\%]+$). - Regex: a valid regular expression (e.g.,
^/upload(/\d+)?/\w+). Lookahead/lookbehind constructs are forbidden.
1 - 100Whether or not to apply a boolean NOT operation to the rule's condition
The type of matching condition.
Exact, Contains, Regex Match the user agent making the request
Show child attributes
Show child attributes
The user agent value to match
300Whether or not to apply a boolean NOT operation to the rule's condition
The type of matching condition.
Exact, Contains Match an incoming request header
Show child attributes
Show child attributes
The request header name
1 - 50The request header value
100Whether or not to apply a boolean NOT operation to the rule's condition
The type of matching condition for header and value.
Exact, Contains Match a response header
Show child attributes
Show child attributes
The response header name
1 - 50The response header value
100Whether or not to apply a boolean NOT operation to the rule's condition
The type of matching condition for header and value.
Exact, Contains Match when a response header is present
Match the incoming HTTP method
Show child attributes
Show child attributes
Match the incoming file extension
Show child attributes
Show child attributes
The list of file extensions to match against
1 - 20 elementsA file extension without the leading dot
1 - 10Whether or not to apply a boolean NOT operation to the rule's condition
Match the requested Content-Type
Show child attributes
Show child attributes
The list of content types to match against
1 - 10 elementsIndividual MIME type to match
1 - 50Whether or not to apply a boolean NOT operation to the rule's condition
Match the country that the request originated from
Show child attributes
Show child attributes
Match the organization the request originated from, as determined by a WHOIS lookup of the requesting IP
Match the rate at which requests come in that match certain conditions
Show child attributes
Show child attributes
A regular expression matching the URL path of the incoming request
1 - 50The number of incoming requests over the given time that can trigger a request rate condition
x >= 20The number of seconds that the WAAP measures incoming requests over before triggering a request rate condition
1 <= x <= 3600A list of source IPs that can trigger a request rate condition
10Possible HTTP request methods that can trigger a request rate condition
HTTP methods and descriptions
Methods from the following RFCs are all observed:
- RFC 7231: Hypertext Transfer Protocol (HTTP/1.1), obsoletes 2616
- RFC 5789: PATCH Method for HTTP
CONNECT, DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT, TRACE A user-defined tag that can be included in incoming requests and used to trigger a request rate condition
1 - 50Match the type of organization that owns the IP address making an incoming request
Show child attributes
Show child attributes
Whether or not to apply a boolean NOT operation to the rule's condition
Match the type of organization that owns the IP address making an incoming request
1COMMERCIAL, EDUCATIONAL, GOVERNMENT, HOSTING_SERVICES, ISP, MOBILE_NETWORK, NETWORK, RESERVED Match the number of dynamic page requests made in a WAAP session
Matches requests based on user-defined tags
Show child attributes
Show child attributes
A list of user-defined tags to match against the request tags
1 - 10 elementsA user-defined tag assigned to the request
1 - 50Whether or not to apply a boolean NOT operation to the rule's condition
The unique identifier for the rule
The description assigned to the rule
100Was this page helpful?