1 of 20
2 of 20
3 of 20
4 of 20
5 of 20
6 of 20
7 of 20
8 of 20
9 of 20
10 of 20
11 of 20
12 of 20
13 of 20
14 of 20
15 of 20
16 of 20
17 of 20
18 of 20
19 of 20
20 of 20

site

doc

blog

success stories

WAF

Edite no GitHub

  1. Consulta lista de rule sets do WAF
  2. Consulta dados de uma rule set do WAF

1. Consulta lista de rule sets do WAF

Retorna a lista de rule sets do WAF.

GET /waf/rulesets

Permissão necessária: View Security Settings

Parâmetro Descrição Tipo de Parâmetro Tipo de Dado
Authorization (obrigatório) A autenticação por Token previamente criado através do endpoint de Criação de Token.

ex.:

Authorization: Token
583f8a9ca8d6d5ff2cb50f1d3c4d35cb8939f1bf
header string

Exemplo de Requisição

GET /waf/rulesets
Accept: application/json; version=2
Authorization: Token 583f8a9ca8d6d5ff2cb50f1d3c4d35cb8939f1bf

Exemplo de Resposta

HTTP/2 200
[
   {
      "id": 3,
      "name": "WAF for myApp",
      "mode": "blocking",
      "active": true,
      "sql_injection": true,
      "sql_injection_sensitivity": "medium",
      "remote_file_inclusion": true,
      "remote_file_inclusion_sensitivity": "medium",
      "directory_traversal": true,
      "directory_traversal_sensitivity": "medium",
      "cross_site_scripting": true,
      "cross_site_scripting_sensitivity": "medium",
      "evading_tricks": true,
      "evading_tricks_sensitivity": "medium",
      "file_upload": true,
      "file_upload_sensitivity": "medium",
      "unwanted_access": true,
      "unwanted_access_sensitivity": "medium",
      "identified_attack": true,
      "identified_attack_sensitivity": "medium",
      "whitelist": "BasicRule wl:1 \"mz:$ARGS_VAR:foo|$URL:/x\";"
   },
   {
      "id": 4,
      "name": "WAF for Stage",
      "mode": "counting",
      "active": true,
      "sql_injection": true,
      "sql_injection_sensitivity": "medium",
      "remote_file_inclusion": true,
      "remote_file_inclusion_sensitivity": "medium",
      "directory_traversal": true,
      "directory_traversal_sensitivity": "medium",
      "cross_site_scripting": true,
      "cross_site_scripting_sensitivity": "medium",
      "evading_tricks": true,
      "evading_tricks_sensitivity": "medium",
      "file_upload": true,
      "file_upload_sensitivity": "medium",
      "unwanted_access": true,
      "unwanted_access_sensitivity": "medium",
      "identified_attack": true,
      "identified_attack_sensitivity": "medium"
   }
]

2. Consulta dados de uma rule set do WAF

Retorna dados de uma rule set do WAF.

GET /waf/rulesets/:ruleset_id

Permissão necessária: View Security Settings

Parâmetro Descrição Tipo de Parâmetro Tipo de Dado
Authorization (obrigatório) A autenticação por Token previamente criado através do endpoint de Criação de Token.

ex.:

Authorization: Token
583f8a9ca8d6d5ff2cb50f1d3c4d35cb8939f1bf
header string
:ruleset_id (obrigatório) Id da rule set de WAF a ser consultada. Para obter o Id de uma rule set, consulte a Lista de Rule Sets. path number

Exemplo de Requisição

GET /waf/rulesets/3
Accept: application/json; version=2
Authorization: Token 583f8a9ca8d6d5ff2cb50f1d3c4d35cb8939f1bf

Exemplo de Resposta

HTTP/2 200
{
    "id": 3,
    "name": "WAF for myApp",
    "mode": "blocking",
    "active": true,
    "sql_injection": true,
    "sql_injection_sensitivity": "medium",
    "remote_file_inclusion": true,
    "remote_file_inclusion_sensitivity": "medium",
    "directory_traversal": true,
    "directory_traversal_sensitivity": "medium",
    "cross_site_scripting": true,
    "cross_site_scripting_sensitivity": "medium",
    "evading_tricks": true,
    "evading_tricks_sensitivity": "medium",
    "file_upload": true,
    "file_upload_sensitivity": "medium",
    "unwanted_access": true,
    "unwanted_access_sensitivity": "medium",
    "identified_attack": true,
    "identified_attack_sensitivity": "medium",
    "whitelist": "BasicRule wl:1 \"mz:$ARGS_VAR:foo|$URL:/x\";"
}

Não encontrou o que procurava? Abra um ticket.