Firewall versions
Firewall version objects contain all of the rules and settings for your WAF and remain empty until properly configured. To understand the behavior of thresholds and scores, see Managing rules. Newly created firewall versions are initiated without any associated rules. See Active Rules for details. Changes to your WAF's rules and settings can be made by cloning an existing firewall version, making the changes, and then activating the new firewall version.
Data model
Field | Type | Description
allowed_http_versions | string | Allowed HTTP versions. [Default HTTP/1.0 HTTP/1.1 HTTP/2]
allowed_methods | string | A space-separated list of HTTP method names. [Default GET HEAD POST OPTIONS PUT PATCH DELETE]
allowed_request_content_type | string | Allowed request content types. [Default application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json|text/plain]
allowed_request_content_type_charset | string | Allowed request content type charset. [Default utf-8|iso-8859-1|iso-8859-15|windows-1252]
arg_length | integer | The maximum allowed length of an argument. [Default 400]
arg_name_length | integer | The maximum allowed argument name length. [Default 100]
combined_file_sizes | integer | The maximum allowed size of all files (in bytes). [Default 10000000]
comment | string | A freeform descriptive note.
critical_anomaly_score | integer | Score value to add for critical anomalies. [Default 6]
crs_validate_utf8_encoding | boolean | CRS validate UTF8 encoding.
error_anomaly_score | integer | Score value to add for error anomalies. [Default 5]
high_risk_country_codes | string | A space-separated list of country codes in ISO 3166-1 (two-letter) format.
http_violation_score_threshold | integer | HTTP violation threshold.
inbound_anomaly_score_threshold | integer | Inbound anomaly threshold.
lfi_score_threshold | integer | Local file inclusion attack threshold.
locked | boolean | Whether a specific firewall version is locked from being modified. [Default false]
max_file_size | integer | The maximum allowed file size, in bytes. [Default 10000000]
max_num_args | integer | The maximum number of arguments allowed. [Default 255]
modsec_rule_id | integer | The ModSecurity rule ID of the associated rule revision.
notice_anomaly_score | integer | Score value to add for notice anomalies. [Default 4]
number | integer | Integer identifying a WAF firewall version. Read-only.
paranoia_level | integer | The configured paranoia level. [Default 1]
php_injection_score_threshold | integer | PHP injection threshold.
rce_score_threshold | integer | Remote code execution threshold.
relationships.waf_firewall_version.id | string | Alphanumeric string identifying a Firewall version.
relationships.waf_rule_revisions.id | string | Alphanumeric string identifying a WAF rule revision.
restricted_extensions | string | A space-separated list of allowed file extensions. [Default .asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx]
restricted_headers | string | A space-separated list of allowed header names. [Default /proxy/ /lock-token/ /content-range/ /translate/ /if/]
rfi_score_threshold | integer | Remote file inclusion attack threshold.
session_fixation_score_threshold | integer | Session fixation attack threshold.
sql_injection_score_threshold | integer | SQL injection attack threshold.
status | string | Describes the behavior for the particular rule revision within this firewall version.
total_arg_length | integer | The maximum size of argument names and values. [Default 6400]
type | string | Resource type. [Default waf_active_rule]
warning_anomaly_score | integer | Score value to add for warning anomalies.
xss_score_threshold | integer | XSS attack threshold.
waf_active_rules | object
waf_firewall_versions | object
active | boolean | Whether a specific firewall version is currently deployed. Read-only.
active_rules_fastly_block_count | integer | The number of active Fastly rules set to block. Read-only.
active_rules_fastly_log_count | integer | The number of active Fastly rules set to log. Read-only.
active_rules_fastly_score_count | integer | The number of active Fastly rules set to score. Read-only.
active_rules_owasp_block_count | integer | The number of active OWASP rules set to block. Read-only.
active_rules_owasp_log_count | integer | The number of active OWASP rules set to log. Read-only.
active_rules_owasp_score_count | integer | The number of active OWASP rules set to score. Read-only.
active_rules_trustwave_block_count | integer | The number of active Trustwave rules set to block. Read-only.
active_rules_trustwave_log_count | integer | The number of active Trustwave rules set to log. Read-only.
created_at | string | Date and time in ISO 8601 format. Read-only.
deleted_at | string | Date and time in ISO 8601 format. Read-only.
deployed_at | string | Time-stamp (GMT) indicating when the firewall version was last deployed. Read-only.
error | string | Contains error message if the firewall version fails to deploy. Read-only.
id | string | Alphanumeric string identifying a Firewall version. Read-only.
last_deployment_status | string | The status of the last deployment of this firewall version. Read-only.
relationships.waf_active_rules.id | string | Alphanumeric string identifying a WAF active rule.
relationships.waf_firewall_versions.id | string | Alphanumeric string identifying a Firewall version.
updated_at | string | Date and time in ISO 8601 format. Read-only.
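As an added example (not Fastly's code), the following check compares the attributes of a cloned firewall version against the defaults listed in the data model and reports settings that are more permissive, which is worth reviewing before the clone is activated. The function names and the sample attributes are constructed for illustration, and the check assumes that an omitted attribute keeps its documented default.

```python
import re

# Defaults copied from the data model on this page.
LIST_DEFAULTS = {
    "allowed_http_versions": "HTTP/1.0 HTTP/1.1 HTTP/2",
    "allowed_methods": "GET HEAD POST OPTIONS PUT PATCH DELETE",
    "allowed_request_content_type": (
        "application/x-www-form-urlencoded|multipart/form-data|text/xml|"
        "application/xml|application/x-amf|application/json|text/plain"
    ),
    "allowed_request_content_type_charset": "utf-8|iso-8859-1|iso-8859-15|windows-1252",
}
LIMIT_DEFAULTS = {
    "arg_length": 400, "arg_name_length": 100, "max_num_args": 255,
    "combined_file_sizes": 10000000, "max_file_size": 10000000,
    "total_arg_length": 6400,
}

def _tokens(value):
    """Split a space- or pipe-separated list field into a set of entries."""
    return {t for t in re.split(r"[\s|]+", value.strip()) if t}

def audit_version(attrs):
    """Return findings where attrs is more permissive than the defaults."""
    # Assumption: a field missing from attrs keeps its documented default.
    findings = []
    for field, default in LIST_DEFAULTS.items():
        extra = _tokens(attrs.get(field, default)) - _tokens(default)
        if extra:
            findings.append(f"{field}: allows non-default {sorted(extra)}")
    for field, default in LIMIT_DEFAULTS.items():
        value = attrs.get(field, default)
        if isinstance(value, bool) or not isinstance(value, int):
            findings.append(f"{field}: expected integer, got {value!r}")
        elif value > default:
            findings.append(f"{field}: raised from {default} to {value}")
    return findings

# Constructed sample: attributes of a cloned version after edits.
SAMPLE = {
    "allowed_methods": "GET HEAD POST OPTIONS PUT PATCH DELETE TRACE",
    "allowed_request_content_type": "application/json|text/plain",
    "arg_length": 4000,
    "comment": "clone of version 1, relaxed for upload endpoint",
}

if __name__ == "__main__":
    print("\n".join(audit_version(SAMPLE)))
```

Narrowing a list (as the sample does for the content types) is not reported; only entries added beyond the defaults and limits raised above them are.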
Endpoints
PUT /waf/firewalls/firewall_id/versions/firewall_version_number/clone