Updates an existing rule in an account ruleset.
/accounts/{account_id}/rulesets/{ruleset_id}/rules/{rule_id}
patch
Account Rulesets
updateAccountRulesetRule
{
"business": true,
"enterprise": true,
"free": true,
"pro": true
}null[
{
"in": "path",
"name": "rule_id",
"required": true,
"schema": {
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
}
},
{
"in": "path",
"name": "ruleset_id",
"required": true,
"schema": {
"description": "The unique ID of the ruleset.",
"example": "2f2feab2026849078ba485f918791bdc",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
}
},
{
"in": "path",
"name": "account_id",
"required": true,
"schema": {
"description": "The unique ID of the account.",
"example": "abf9b32d38c5f572afde3336ec0ce302",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
}
}
]{
"content": {
"application/json": {
"schema": {
"allOf": [
{
"discriminator": {
"mapping": {
"block": "#/components/schemas/sIblclzY_BlockRule",
"execute": "#/components/schemas/sIblclzY_ExecuteRule",
"log": "#/components/schemas/sIblclzY_LogRule",
"skip": "#/components/schemas/sIblclzY_SkipRule"
},
"propertyName": "action"
},
"oneOf": [
{
"allOf": [
{
"properties": {
"action": {
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
"action_parameters": {
"description": "The parameters configuring the rule's action.",
"title": "Action parameters",
"type": "object"
},
"categories": {
"description": "The categories of the rule.",
"example": [
"directory-traversal",
"header"
],
"items": {
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
"minItems": 1,
"readOnly": true,
"title": "Categories",
"type": "array",
"uniqueItems": true
},
"description": {
"default": "",
"description": "An informative description of the rule.",
"title": "Description",
"type": "string"
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"default": true
}
]
},
"expression": {
"description": "The expression defining which traffic will match the rule.",
"example": "ip.src ne 1.1.1.1",
"minLength": 1,
"title": "Expression",
"type": "string"
},
"id": {
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
"last_updated": {
"description": "The timestamp of when the rule was last modified.",
"example": "2000-01-01T00:00:00.000000Z",
"format": "date-time",
"readOnly": true,
"title": "Last updated",
"type": "string"
},
"logging": {
"description": "An object configuring the rule's logging behavior.",
"properties": {
"enabled": {
"description": "Whether to generate a log when the rule matches.",
"example": true,
"title": "Enabled",
"type": "boolean"
}
},
"required": [
"enabled"
],
"title": "Logging",
"type": "object"
},
"ref": {
"description": "The reference of the rule (the rule ID by default).",
"example": "my_ref",
"minLength": 1,
"title": "Ref",
"type": "string"
},
"version": {
"description": "The version of the rule.",
"example": "1",
"pattern": "^[0-9]+$",
"readOnly": true,
"title": "Version",
"type": "string"
}
},
"required": [
"version",
"last_updated"
],
"title": "Rule",
"type": "object"
},
{
"properties": {
"action": {
"enum": [
"block"
]
},
"action_parameters": {
"properties": {
"response": {
"description": "The response to show when the block is applied.",
"properties": {
"content": {
"description": "The content to return.",
"example": "{\n \"success\": false,\n \"error\": \"you have been blocked\"\n}",
"minLength": 1,
"title": "Content",
"type": "string"
},
"content_type": {
"description": "The type of the content to return.",
"example": "application/json",
"minLength": 1,
"title": "Content type",
"type": "string"
},
"status_code": {
"description": "The status code to return.",
"maximum": 499,
"minimum": 400,
"title": "Status code",
"type": "integer"
}
},
"required": [
"status_code",
"content",
"content_type"
],
"title": "Response",
"type": "object"
}
}
},
"description": {
"example": "Block when the IP address is not 1.1.1.1"
}
},
"title": "Block rule"
}
]
},
{
"allOf": [
{
"properties": {
"action": {
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
"action_parameters": {
"description": "The parameters configuring the rule's action.",
"title": "Action parameters",
"type": "object"
},
"categories": {
"description": "The categories of the rule.",
"example": [
"directory-traversal",
"header"
],
"items": {
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
"minItems": 1,
"readOnly": true,
"title": "Categories",
"type": "array",
"uniqueItems": true
},
"description": {
"default": "",
"description": "An informative description of the rule.",
"title": "Description",
"type": "string"
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"default": true
}
]
},
"expression": {
"description": "The expression defining which traffic will match the rule.",
"example": "ip.src ne 1.1.1.1",
"minLength": 1,
"title": "Expression",
"type": "string"
},
"id": {
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
"last_updated": {
"description": "The timestamp of when the rule was last modified.",
"example": "2000-01-01T00:00:00.000000Z",
"format": "date-time",
"readOnly": true,
"title": "Last updated",
"type": "string"
},
"logging": {
"description": "An object configuring the rule's logging behavior.",
"properties": {
"enabled": {
"description": "Whether to generate a log when the rule matches.",
"example": true,
"title": "Enabled",
"type": "boolean"
}
},
"required": [
"enabled"
],
"title": "Logging",
"type": "object"
},
"ref": {
"description": "The reference of the rule (the rule ID by default).",
"example": "my_ref",
"minLength": 1,
"title": "Ref",
"type": "string"
},
"version": {
"description": "The version of the rule.",
"example": "1",
"pattern": "^[0-9]+$",
"readOnly": true,
"title": "Version",
"type": "string"
}
},
"required": [
"version",
"last_updated"
],
"title": "Rule",
"type": "object"
},
{
"properties": {
"action": {
"enum": [
"execute"
]
},
"action_parameters": {
"properties": {
"id": {
"allOf": [
{
"description": "The unique ID of the ruleset.",
"example": "2f2feab2026849078ba485f918791bdc",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
{
"description": "The ID of the ruleset to execute.",
"example": "4814384a9e5d4991b9815dcfc25d2f1f"
}
]
},
"matched_data": {
"description": "The configuration to use for matched data logging.",
"properties": {
"public_key": {
"description": "The public key to encrypt matched data logs with.",
"example": "iGqBmyIUxuWt1rvxoAharN9FUXneUBxA/Y19PyyrEG0=",
"minLength": 1,
"title": "Public key",
"type": "string"
}
},
"required": [
"public_key"
],
"title": "Matched data",
"type": "object"
},
"overrides": {
"description": "A set of overrides to apply to the target ruleset.",
"minProperties": 1,
"properties": {
"action": {
"allOf": [
{
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
{
"description": "An action to override all rules with. This option has lower precedence than rule and category overrides."
}
]
},
"categories": {
"description": "A list of category-level overrides. This option has the second-highest precedence after rule-level overrides.",
"items": {
"description": "A category-level override",
"minProperties": 2,
"properties": {
"action": {
"allOf": [
{
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
{
"description": "The action to override rules in the category with."
}
]
},
"category": {
"allOf": [
{
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
{
"description": "The name of the category to override."
}
]
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"description": "Whether to enable execution of rules in the category."
}
]
},
"sensitivity_level": {
"allOf": [
{
"enum": [
"default",
"medium",
"low",
"eoff"
],
"title": "Sensitivity level",
"type": "string"
},
{
"description": "The sensitivity level to use for rules in the category."
}
]
}
},
"required": [
"category"
],
"title": "Category override",
"type": "object"
},
"minItems": 1,
"title": "Category overrides",
"type": "array",
"uniqueItems": true
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"description": "Whether to enable execution of all rules. This option has lower precedence than rule and category overrides."
}
]
},
"rules": {
"description": "A list of rule-level overrides. This option has the highest precedence.",
"items": {
"description": "A rule-level override",
"minProperties": 2,
"properties": {
"action": {
"allOf": [
{
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
{
"description": "The action to override the rule with."
}
]
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"description": "Whether to enable execution of the rule."
}
]
},
"id": {
"allOf": [
{
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
{
"description": "The ID of the rule to override.",
"example": "8ac8bc2a661e475d940980f9317f28e1"
}
]
},
"score_threshold": {
"description": "The score threshold to use for the rule.",
"title": "Score threshold",
"type": "integer"
},
"sensitivity_level": {
"allOf": [
{
"enum": [
"default",
"medium",
"low",
"eoff"
],
"title": "Sensitivity level",
"type": "string"
},
{
"description": "The sensitivity level to use for the rule."
}
]
}
},
"required": [
"id"
],
"title": "Rule override",
"type": "object"
},
"minItems": 1,
"title": "Rule overrides",
"type": "array",
"uniqueItems": true
},
"sensitivity_level": {
"allOf": [
{
"enum": [
"default",
"medium",
"low",
"eoff"
],
"title": "Sensitivity level",
"type": "string"
},
{
"description": "A sensitivity level to set for all rules. This option has lower precedence than rule and category overrides and is only applicable for DDoS phases."
}
]
}
},
"title": "Overrides",
"type": "object"
}
},
"required": [
"id"
]
},
"description": {
"example": "Execute the OWASP ruleset when the IP address is not 1.1.1.1"
}
},
"title": "Execute rule"
}
]
},
{
"allOf": [
{
"properties": {
"action": {
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
"action_parameters": {
"description": "The parameters configuring the rule's action.",
"title": "Action parameters",
"type": "object"
},
"categories": {
"description": "The categories of the rule.",
"example": [
"directory-traversal",
"header"
],
"items": {
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
"minItems": 1,
"readOnly": true,
"title": "Categories",
"type": "array",
"uniqueItems": true
},
"description": {
"default": "",
"description": "An informative description of the rule.",
"title": "Description",
"type": "string"
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"default": true
}
]
},
"expression": {
"description": "The expression defining which traffic will match the rule.",
"example": "ip.src ne 1.1.1.1",
"minLength": 1,
"title": "Expression",
"type": "string"
},
"id": {
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
"last_updated": {
"description": "The timestamp of when the rule was last modified.",
"example": "2000-01-01T00:00:00.000000Z",
"format": "date-time",
"readOnly": true,
"title": "Last updated",
"type": "string"
},
"logging": {
"description": "An object configuring the rule's logging behavior.",
"properties": {
"enabled": {
"description": "Whether to generate a log when the rule matches.",
"example": true,
"title": "Enabled",
"type": "boolean"
}
},
"required": [
"enabled"
],
"title": "Logging",
"type": "object"
},
"ref": {
"description": "The reference of the rule (the rule ID by default).",
"example": "my_ref",
"minLength": 1,
"title": "Ref",
"type": "string"
},
"version": {
"description": "The version of the rule.",
"example": "1",
"pattern": "^[0-9]+$",
"readOnly": true,
"title": "Version",
"type": "string"
}
},
"required": [
"version",
"last_updated"
],
"title": "Rule",
"type": "object"
},
{
"properties": {
"action": {
"enum": [
"log"
]
},
"action_parameters": {
"enum": [
{}
]
},
"description": {
"example": "Log when the IP address is not 1.1.1.1"
}
},
"title": "Log rule"
}
]
},
{
"allOf": [
{
"properties": {
"action": {
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
"action_parameters": {
"description": "The parameters configuring the rule's action.",
"title": "Action parameters",
"type": "object"
},
"categories": {
"description": "The categories of the rule.",
"example": [
"directory-traversal",
"header"
],
"items": {
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
"minItems": 1,
"readOnly": true,
"title": "Categories",
"type": "array",
"uniqueItems": true
},
"description": {
"default": "",
"description": "An informative description of the rule.",
"title": "Description",
"type": "string"
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"default": true
}
]
},
"expression": {
"description": "The expression defining which traffic will match the rule.",
"example": "ip.src ne 1.1.1.1",
"minLength": 1,
"title": "Expression",
"type": "string"
},
"id": {
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
"last_updated": {
"description": "The timestamp of when the rule was last modified.",
"example": "2000-01-01T00:00:00.000000Z",
"format": "date-time",
"readOnly": true,
"title": "Last updated",
"type": "string"
},
"logging": {
"description": "An object configuring the rule's logging behavior.",
"properties": {
"enabled": {
"description": "Whether to generate a log when the rule matches.",
"example": true,
"title": "Enabled",
"type": "boolean"
}
},
"required": [
"enabled"
],
"title": "Logging",
"type": "object"
},
"ref": {
"description": "The reference of the rule (the rule ID by default).",
"example": "my_ref",
"minLength": 1,
"title": "Ref",
"type": "string"
},
"version": {
"description": "The version of the rule.",
"example": "1",
"pattern": "^[0-9]+$",
"readOnly": true,
"title": "Version",
"type": "string"
}
},
"required": [
"version",
"last_updated"
],
"title": "Rule",
"type": "object"
},
{
"properties": {
"action": {
"enum": [
"skip"
]
},
"action_parameters": {
"example": {
"ruleset": "current"
},
"minProperties": 1,
"properties": {
"phases": {
"description": "A list of phases to skip the execution of. This option is incompatible with the ruleset and rulesets options.",
"items": {
"allOf": [
{
"description": "The phase of the ruleset.",
"enum": [
"ddos_l4",
"ddos_l7",
"http_config_settings",
"http_custom_errors",
"http_log_custom_fields",
"http_ratelimit",
"http_request_cache_settings",
"http_request_dynamic_redirect",
"http_request_firewall_custom",
"http_request_firewall_managed",
"http_request_late_transform",
"http_request_origin",
"http_request_redirect",
"http_request_sanitize",
"http_request_sbfm",
"http_request_select_configuration",
"http_request_transform",
"http_response_compression",
"http_response_firewall_managed",
"http_response_headers_transform",
"magic_transit",
"magic_transit_ids_managed",
"magic_transit_managed"
],
"example": "http_request_firewall_custom",
"title": "Phase",
"type": "string"
},
{
"description": "A phase to skip the execution of."
}
]
},
"minItems": 1,
"title": "Phases",
"type": "array",
"uniqueItems": true
},
"products": {
"description": "A list of legacy security products to skip the execution of.",
"items": {
"description": "The name of a legacy security product to skip the execution of.",
"enum": [
"bic",
"hot",
"rateLimit",
"securityLevel",
"uaBlock",
"waf",
"zoneLockdown"
],
"title": "Product",
"type": "string"
},
"minItems": 1,
"title": "Products",
"type": "array",
"uniqueItems": true
},
"rules": {
"additionalProperties": {
"description": "A list of rule IDs in the ruleset to skip the execution of.",
"items": {
"allOf": [
{
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
{
"description": "The ID of a rule in the ruleset to skip the execution of.",
"example": "8ac8bc2a661e475d940980f9317f28e1",
"title": "Rule"
}
]
},
"minItems": 1,
"title": "Rules",
"type": "array",
"uniqueItems": true
},
"description": "A mapping of ruleset IDs to a list of rule IDs in that ruleset to skip the execution of. This option is incompatible with the ruleset option.",
"example": {
"4814384a9e5d4991b9815dcfc25d2f1f": [
"8ac8bc2a661e475d940980f9317f28e1"
]
},
"minProperties": 1,
"title": "Rules",
"type": "object"
},
"ruleset": {
"description": "A ruleset to skip the execution of. This option is incompatible with the rulesets, rules and phases options.",
"enum": [
"current"
],
"title": "Ruleset",
"type": "string"
},
"rulesets": {
"description": "A list of ruleset IDs to skip the execution of. This option is incompatible with the ruleset and phases options.",
"items": {
"allOf": [
{
"description": "The unique ID of the ruleset.",
"example": "2f2feab2026849078ba485f918791bdc",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
{
"description": "The ID of a ruleset to skip the execution of.",
"example": "4814384a9e5d4991b9815dcfc25d2f1f",
"title": "Ruleset"
}
]
},
"minItems": 1,
"title": "Rulesets",
"type": "array",
"uniqueItems": true
}
}
},
"description": {
"example": "Skip the current ruleset when the IP address is not 1.1.1.1"
}
},
"title": "Skip rule"
}
]
}
]
},
{
"properties": {
"position": {
"oneOf": [
{
"allOf": [
{
"description": "An object configuring where the rule will be placed.",
"title": "Position",
"type": "object"
},
{
"properties": {
"before": {
"description": "The ID of another rule to place the rule before. An empty value causes the rule to be placed at the top.",
"example": "da5e8e506c8e7877fe06cdf4c41add54",
"pattern": "^(?:[0-9a-f]{32})?$",
"title": "Before",
"type": "string"
}
},
"title": "Before position"
}
]
},
{
"allOf": [
{
"description": "An object configuring where the rule will be placed.",
"title": "Position",
"type": "object"
},
{
"properties": {
"after": {
"description": "The ID of another rule to place the rule after. An empty value causes the rule to be placed at the bottom.",
"example": "5bccdbb2a5142cd25cad8591255bd209",
"pattern": "^(?:[0-9a-f]{32})?$",
"title": "After",
"type": "string"
}
},
"title": "After position"
}
]
},
{
"allOf": [
{
"description": "An object configuring where the rule will be placed.",
"title": "Position",
"type": "object"
},
{
"properties": {
"index": {
"description": "An index at which to place the rule, where index 1 is the first rule.",
"example": 1,
"minimum": 1,
"title": "Index",
"type": "number"
}
},
"title": "Index position"
}
]
}
]
}
}
}
]
}
}
},
"required": true
}{
"200": {
"content": {
"application/json": {
"schema": {
"allOf": [
{
"description": "A response object.",
"properties": {
"errors": {
"allOf": [
{
"description": "A list of error messages.",
"items": {
"description": "A message.",
"properties": {
"code": {
"description": "A unique code for this message.",
"example": 10000,
"title": "Code",
"type": "integer"
},
"message": {
"description": "A text description of this message.",
"example": "something bad happened",
"minLength": 1,
"title": "Description",
"type": "string"
},
"source": {
"description": "The source of this message.",
"properties": {
"pointer": {
"description": "A JSON pointer to the field that is the source of the message.",
"example": "/rules/0/action",
"minLength": 1,
"title": "Pointer",
"type": "string"
}
},
"required": [
"pointer"
],
"title": "Source",
"type": "object"
}
},
"required": [
"message"
],
"title": "Message",
"type": "object"
},
"title": "Errors",
"type": "array"
},
{
"enum": [
[]
]
}
]
},
"messages": {
"description": "A list of warning messages.",
"items": {
"description": "A message.",
"properties": {
"code": {
"description": "A unique code for this message.",
"example": 10000,
"title": "Code",
"type": "integer"
},
"message": {
"description": "A text description of this message.",
"example": "something bad happened",
"minLength": 1,
"title": "Description",
"type": "string"
},
"source": {
"description": "The source of this message.",
"properties": {
"pointer": {
"description": "A JSON pointer to the field that is the source of the message.",
"example": "/rules/0/action",
"minLength": 1,
"title": "Pointer",
"type": "string"
}
},
"required": [
"pointer"
],
"title": "Source",
"type": "object"
}
},
"required": [
"message"
],
"title": "Message",
"type": "object"
},
"title": "Messages",
"type": "array"
},
"result": {
"description": "A result.",
"title": "Result"
},
"success": {
"description": "Whether the API call was successful.",
"enum": [
true
],
"title": "Success",
"type": "boolean"
}
},
"required": [
"result",
"success",
"errors",
"messages"
],
"title": "Response",
"type": "object"
},
{
"properties": {
"result": {
"allOf": [
{
"description": "A ruleset object.",
"properties": {
"description": {
"default": "",
"description": "An informative description of the ruleset.",
"example": "My ruleset to execute managed rulesets",
"title": "Description",
"type": "string"
},
"id": {
"allOf": [
{
"description": "The unique ID of the ruleset.",
"example": "2f2feab2026849078ba485f918791bdc",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
{
"readOnly": true
}
]
},
"kind": {
"description": "The kind of the ruleset.",
"enum": [
"managed",
"custom",
"root",
"zone"
],
"example": "root",
"title": "Kind",
"type": "string"
},
"last_updated": {
"description": "The timestamp of when the ruleset was last modified.",
"example": "2000-01-01T00:00:00.000000Z",
"format": "date-time",
"readOnly": true,
"title": "Last updated",
"type": "string"
},
"name": {
"description": "The human-readable name of the ruleset.",
"example": "My ruleset",
"minLength": 1,
"title": "Name",
"type": "string"
},
"phase": {
"description": "The phase of the ruleset.",
"enum": [
"ddos_l4",
"ddos_l7",
"http_config_settings",
"http_custom_errors",
"http_log_custom_fields",
"http_ratelimit",
"http_request_cache_settings",
"http_request_dynamic_redirect",
"http_request_firewall_custom",
"http_request_firewall_managed",
"http_request_late_transform",
"http_request_origin",
"http_request_redirect",
"http_request_sanitize",
"http_request_sbfm",
"http_request_select_configuration",
"http_request_transform",
"http_response_compression",
"http_response_firewall_managed",
"http_response_headers_transform",
"magic_transit",
"magic_transit_ids_managed",
"magic_transit_managed"
],
"example": "http_request_firewall_custom",
"title": "Phase",
"type": "string"
},
"version": {
"description": "The version of the ruleset.",
"example": "1",
"pattern": "^[0-9]+$",
"readOnly": true,
"title": "Version",
"type": "string"
}
},
"required": [
"id",
"version",
"last_updated"
],
"title": "Ruleset",
"type": "object"
},
{
"properties": {
"rules": {
"description": "The list of rules in the ruleset.",
"items": {
"allOf": [
{
"discriminator": {
"mapping": {
"block": "#/components/schemas/sIblclzY_BlockRule",
"execute": "#/components/schemas/sIblclzY_ExecuteRule",
"log": "#/components/schemas/sIblclzY_LogRule",
"skip": "#/components/schemas/sIblclzY_SkipRule"
},
"propertyName": "action"
},
"oneOf": [
{
"allOf": [
{
"properties": {
"action": {
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
"action_parameters": {
"description": "The parameters configuring the rule's action.",
"title": "Action parameters",
"type": "object"
},
"categories": {
"description": "The categories of the rule.",
"example": [
"directory-traversal",
"header"
],
"items": {
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
"minItems": 1,
"readOnly": true,
"title": "Categories",
"type": "array",
"uniqueItems": true
},
"description": {
"default": "",
"description": "An informative description of the rule.",
"title": "Description",
"type": "string"
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"default": true
}
]
},
"expression": {
"description": "The expression defining which traffic will match the rule.",
"example": "ip.src ne 1.1.1.1",
"minLength": 1,
"title": "Expression",
"type": "string"
},
"id": {
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
"last_updated": {
"description": "The timestamp of when the rule was last modified.",
"example": "2000-01-01T00:00:00.000000Z",
"format": "date-time",
"readOnly": true,
"title": "Last updated",
"type": "string"
},
"logging": {
"description": "An object configuring the rule's logging behavior.",
"properties": {
"enabled": {
"description": "Whether to generate a log when the rule matches.",
"example": true,
"title": "Enabled",
"type": "boolean"
}
},
"required": [
"enabled"
],
"title": "Logging",
"type": "object"
},
"ref": {
"description": "The reference of the rule (the rule ID by default).",
"example": "my_ref",
"minLength": 1,
"title": "Ref",
"type": "string"
},
"version": {
"description": "The version of the rule.",
"example": "1",
"pattern": "^[0-9]+$",
"readOnly": true,
"title": "Version",
"type": "string"
}
},
"required": [
"version",
"last_updated"
],
"title": "Rule",
"type": "object"
},
{
"properties": {
"action": {
"enum": [
"block"
]
},
"action_parameters": {
"properties": {
"response": {
"description": "The response to show when the block is applied.",
"properties": {
"content": {
"description": "The content to return.",
"example": "{\n \"success\": false,\n \"error\": \"you have been blocked\"\n}",
"minLength": 1,
"title": "Content",
"type": "string"
},
"content_type": {
"description": "The type of the content to return.",
"example": "application/json",
"minLength": 1,
"title": "Content type",
"type": "string"
},
"status_code": {
"description": "The status code to return.",
"maximum": 499,
"minimum": 400,
"title": "Status code",
"type": "integer"
}
},
"required": [
"status_code",
"content",
"content_type"
],
"title": "Response",
"type": "object"
}
}
},
"description": {
"example": "Block when the IP address is not 1.1.1.1"
}
},
"title": "Block rule"
}
]
},
{
"allOf": [
{
"properties": {
"action": {
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
"action_parameters": {
"description": "The parameters configuring the rule's action.",
"title": "Action parameters",
"type": "object"
},
"categories": {
"description": "The categories of the rule.",
"example": [
"directory-traversal",
"header"
],
"items": {
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
"minItems": 1,
"readOnly": true,
"title": "Categories",
"type": "array",
"uniqueItems": true
},
"description": {
"default": "",
"description": "An informative description of the rule.",
"title": "Description",
"type": "string"
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"default": true
}
]
},
"expression": {
"description": "The expression defining which traffic will match the rule.",
"example": "ip.src ne 1.1.1.1",
"minLength": 1,
"title": "Expression",
"type": "string"
},
"id": {
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
"last_updated": {
"description": "The timestamp of when the rule was last modified.",
"example": "2000-01-01T00:00:00.000000Z",
"format": "date-time",
"readOnly": true,
"title": "Last updated",
"type": "string"
},
"logging": {
"description": "An object configuring the rule's logging behavior.",
"properties": {
"enabled": {
"description": "Whether to generate a log when the rule matches.",
"example": true,
"title": "Enabled",
"type": "boolean"
}
},
"required": [
"enabled"
],
"title": "Logging",
"type": "object"
},
"ref": {
"description": "The reference of the rule (the rule ID by default).",
"example": "my_ref",
"minLength": 1,
"title": "Ref",
"type": "string"
},
"version": {
"description": "The version of the rule.",
"example": "1",
"pattern": "^[0-9]+$",
"readOnly": true,
"title": "Version",
"type": "string"
}
},
"required": [
"version",
"last_updated"
],
"title": "Rule",
"type": "object"
},
{
"properties": {
"action": {
"enum": [
"execute"
]
},
"action_parameters": {
"properties": {
"id": {
"allOf": [
{
"description": "The unique ID of the ruleset.",
"example": "2f2feab2026849078ba485f918791bdc",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
{
"description": "The ID of the ruleset to execute.",
"example": "4814384a9e5d4991b9815dcfc25d2f1f"
}
]
},
"matched_data": {
"description": "The configuration to use for matched data logging.",
"properties": {
"public_key": {
"description": "The public key to encrypt matched data logs with.",
"example": "iGqBmyIUxuWt1rvxoAharN9FUXneUBxA/Y19PyyrEG0=",
"minLength": 1,
"title": "Public key",
"type": "string"
}
},
"required": [
"public_key"
],
"title": "Matched data",
"type": "object"
},
"overrides": {
"description": "A set of overrides to apply to the target ruleset.",
"minProperties": 1,
"properties": {
"action": {
"allOf": [
{
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
{
"description": "An action to override all rules with. This option has lower precedence than rule and category overrides."
}
]
},
"categories": {
"description": "A list of category-level overrides. This option has the second-highest precedence after rule-level overrides.",
"items": {
"description": "A category-level override",
"minProperties": 2,
"properties": {
"action": {
"allOf": [
{
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
{
"description": "The action to override rules in the category with."
}
]
},
"category": {
"allOf": [
{
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
{
"description": "The name of the category to override."
}
]
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"description": "Whether to enable execution of rules in the category."
}
]
},
"sensitivity_level": {
"allOf": [
{
"enum": [
"default",
"medium",
"low",
"eoff"
],
"title": "Sensitivity level",
"type": "string"
},
{
"description": "The sensitivity level to use for rules in the category."
}
]
}
},
"required": [
"category"
],
"title": "Category override",
"type": "object"
},
"minItems": 1,
"title": "Category overrides",
"type": "array",
"uniqueItems": true
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"description": "Whether to enable execution of all rules. This option has lower precedence than rule and category overrides."
}
]
},
"rules": {
"description": "A list of rule-level overrides. This option has the highest precedence.",
"items": {
"description": "A rule-level override",
"minProperties": 2,
"properties": {
"action": {
"allOf": [
{
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
{
"description": "The action to override the rule with."
}
]
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"description": "Whether to enable execution of the rule."
}
]
},
"id": {
"allOf": [
{
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
{
"description": "The ID of the rule to override.",
"example": "8ac8bc2a661e475d940980f9317f28e1"
}
]
},
"score_threshold": {
"description": "The score threshold to use for the rule.",
"title": "Score threshold",
"type": "integer"
},
"sensitivity_level": {
"allOf": [
{
"enum": [
"default",
"medium",
"low",
"eoff"
],
"title": "Sensitivity level",
"type": "string"
},
{
"description": "The sensitivity level to use for the rule."
}
]
}
},
"required": [
"id"
],
"title": "Rule override",
"type": "object"
},
"minItems": 1,
"title": "Rule overrides",
"type": "array",
"uniqueItems": true
},
"sensitivity_level": {
"allOf": [
{
"enum": [
"default",
"medium",
"low",
"eoff"
],
"title": "Sensitivity level",
"type": "string"
},
{
"description": "A sensitivity level to set for all rules. This option has lower precedence than rule and category overrides and is only applicable for DDoS phases."
}
]
}
},
"title": "Overrides",
"type": "object"
}
},
"required": [
"id"
]
},
"description": {
"example": "Execute the OWASP ruleset when the IP address is not 1.1.1.1"
}
},
"title": "Execute rule"
}
]
},
{
"allOf": [
{
"properties": {
"action": {
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
"action_parameters": {
"description": "The parameters configuring the rule's action.",
"title": "Action parameters",
"type": "object"
},
"categories": {
"description": "The categories of the rule.",
"example": [
"directory-traversal",
"header"
],
"items": {
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
"minItems": 1,
"readOnly": true,
"title": "Categories",
"type": "array",
"uniqueItems": true
},
"description": {
"default": "",
"description": "An informative description of the rule.",
"title": "Description",
"type": "string"
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"default": true
}
]
},
"expression": {
"description": "The expression defining which traffic will match the rule.",
"example": "ip.src ne 1.1.1.1",
"minLength": 1,
"title": "Expression",
"type": "string"
},
"id": {
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
"last_updated": {
"description": "The timestamp of when the rule was last modified.",
"example": "2000-01-01T00:00:00.000000Z",
"format": "date-time",
"readOnly": true,
"title": "Last updated",
"type": "string"
},
"logging": {
"description": "An object configuring the rule's logging behavior.",
"properties": {
"enabled": {
"description": "Whether to generate a log when the rule matches.",
"example": true,
"title": "Enabled",
"type": "boolean"
}
},
"required": [
"enabled"
],
"title": "Logging",
"type": "object"
},
"ref": {
"description": "The reference of the rule (the rule ID by default).",
"example": "my_ref",
"minLength": 1,
"title": "Ref",
"type": "string"
},
"version": {
"description": "The version of the rule.",
"example": "1",
"pattern": "^[0-9]+$",
"readOnly": true,
"title": "Version",
"type": "string"
}
},
"required": [
"version",
"last_updated"
],
"title": "Rule",
"type": "object"
},
{
"properties": {
"action": {
"enum": [
"log"
]
},
"action_parameters": {
"enum": [
{}
]
},
"description": {
"example": "Log when the IP address is not 1.1.1.1"
}
},
"title": "Log rule"
}
]
},
{
"allOf": [
{
"properties": {
"action": {
"description": "The action to perform when the rule matches.",
"example": "log",
"pattern": "^[a-z]+$",
"title": "Action",
"type": "string"
},
"action_parameters": {
"description": "The parameters configuring the rule's action.",
"title": "Action parameters",
"type": "object"
},
"categories": {
"description": "The categories of the rule.",
"example": [
"directory-traversal",
"header"
],
"items": {
"description": "A category of the rule.",
"example": "directory-traversal",
"minLength": 1,
"title": "Category",
"type": "string"
},
"minItems": 1,
"readOnly": true,
"title": "Categories",
"type": "array",
"uniqueItems": true
},
"description": {
"default": "",
"description": "An informative description of the rule.",
"title": "Description",
"type": "string"
},
"enabled": {
"allOf": [
{
"description": "Whether the rule should be executed.",
"example": true,
"title": "Enabled",
"type": "boolean"
},
{
"default": true
}
]
},
"expression": {
"description": "The expression defining which traffic will match the rule.",
"example": "ip.src ne 1.1.1.1",
"minLength": 1,
"title": "Expression",
"type": "string"
},
"id": {
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
"last_updated": {
"description": "The timestamp of when the rule was last modified.",
"example": "2000-01-01T00:00:00.000000Z",
"format": "date-time",
"readOnly": true,
"title": "Last updated",
"type": "string"
},
"logging": {
"description": "An object configuring the rule's logging behavior.",
"properties": {
"enabled": {
"description": "Whether to generate a log when the rule matches.",
"example": true,
"title": "Enabled",
"type": "boolean"
}
},
"required": [
"enabled"
],
"title": "Logging",
"type": "object"
},
"ref": {
"description": "The reference of the rule (the rule ID by default).",
"example": "my_ref",
"minLength": 1,
"title": "Ref",
"type": "string"
},
"version": {
"description": "The version of the rule.",
"example": "1",
"pattern": "^[0-9]+$",
"readOnly": true,
"title": "Version",
"type": "string"
}
},
"required": [
"version",
"last_updated"
],
"title": "Rule",
"type": "object"
},
{
"properties": {
"action": {
"enum": [
"skip"
]
},
"action_parameters": {
"example": {
"ruleset": "current"
},
"minProperties": 1,
"properties": {
"phases": {
"description": "A list of phases to skip the execution of. This option is incompatible with the ruleset and rulesets options.",
"items": {
"allOf": [
{
"description": "The phase of the ruleset.",
"enum": [
"ddos_l4",
"ddos_l7",
"http_config_settings",
"http_custom_errors",
"http_log_custom_fields",
"http_ratelimit",
"http_request_cache_settings",
"http_request_dynamic_redirect",
"http_request_firewall_custom",
"http_request_firewall_managed",
"http_request_late_transform",
"http_request_origin",
"http_request_redirect",
"http_request_sanitize",
"http_request_sbfm",
"http_request_select_configuration",
"http_request_transform",
"http_response_compression",
"http_response_firewall_managed",
"http_response_headers_transform",
"magic_transit",
"magic_transit_ids_managed",
"magic_transit_managed"
],
"example": "http_request_firewall_custom",
"title": "Phase",
"type": "string"
},
{
"description": "A phase to skip the execution of."
}
]
},
"minItems": 1,
"title": "Phases",
"type": "array",
"uniqueItems": true
},
"products": {
"description": "A list of legacy security products to skip the execution of.",
"items": {
"description": "The name of a legacy security product to skip the execution of.",
"enum": [
"bic",
"hot",
"rateLimit",
"securityLevel",
"uaBlock",
"waf",
"zoneLockdown"
],
"title": "Product",
"type": "string"
},
"minItems": 1,
"title": "Products",
"type": "array",
"uniqueItems": true
},
"rules": {
"additionalProperties": {
"description": "A list of rule IDs in the ruleset to skip the execution of.",
"items": {
"allOf": [
{
"description": "The unique ID of the rule.",
"example": "3a03d665bac047339bb530ecb439a90d",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
{
"description": "The ID of a rule in the ruleset to skip the execution of.",
"example": "8ac8bc2a661e475d940980f9317f28e1",
"title": "Rule"
}
]
},
"minItems": 1,
"title": "Rules",
"type": "array",
"uniqueItems": true
},
"description": "A mapping of ruleset IDs to a list of rule IDs in that ruleset to skip the execution of. This option is incompatible with the ruleset option.",
"example": {
"4814384a9e5d4991b9815dcfc25d2f1f": [
"8ac8bc2a661e475d940980f9317f28e1"
]
},
"minProperties": 1,
"title": "Rules",
"type": "object"
},
"ruleset": {
"description": "A ruleset to skip the execution of. This option is incompatible with the rulesets, rules and phases options.",
"enum": [
"current"
],
"title": "Ruleset",
"type": "string"
},
"rulesets": {
"description": "A list of ruleset IDs to skip the execution of. This option is incompatible with the ruleset and phases options.",
"items": {
"allOf": [
{
"description": "The unique ID of the ruleset.",
"example": "2f2feab2026849078ba485f918791bdc",
"pattern": "^[0-9a-f]{32}$",
"title": "ID",
"type": "string"
},
{
"description": "The ID of a ruleset to skip the execution of.",
"example": "4814384a9e5d4991b9815dcfc25d2f1f",
"title": "Ruleset"
}
]
},
"minItems": 1,
"title": "Rulesets",
"type": "array",
"uniqueItems": true
}
}
},
"description": {
"example": "Skip the current ruleset when the IP address is not 1.1.1.1"
}
},
"title": "Skip rule"
}
]
}
]
},
{
"required": [
"id",
"expression",
"action",
"ref",
"enabled"
]
}
]
},
"title": "Rules",
"type": "array"
}
},
"required": [
"name",
"kind",
"phase",
"rules"
]
}
]
}
}
}
]
}
}
},
"description": "Update an account ruleset rule response."
},
"4XX": {
"content": {
"application/json": {
"schema": {
"description": "A failure response object.",
"properties": {
"errors": {
"description": "A list of error messages.",
"items": {
"description": "A message.",
"properties": {
"code": {
"description": "A unique code for this message.",
"example": 10000,
"title": "Code",
"type": "integer"
},
"message": {
"description": "A text description of this message.",
"example": "something bad happened",
"minLength": 1,
"title": "Description",
"type": "string"
},
"source": {
"description": "The source of this message.",
"properties": {
"pointer": {
"description": "A JSON pointer to the field that is the source of the message.",
"example": "/rules/0/action",
"minLength": 1,
"title": "Pointer",
"type": "string"
}
},
"required": [
"pointer"
],
"title": "Source",
"type": "object"
}
},
"required": [
"message"
],
"title": "Message",
"type": "object"
},
"title": "Errors",
"type": "array"
},
"messages": {
"description": "A list of warning messages.",
"items": {
"description": "A message.",
"properties": {
"code": {
"description": "A unique code for this message.",
"example": 10000,
"title": "Code",
"type": "integer"
},
"message": {
"description": "A text description of this message.",
"example": "something bad happened",
"minLength": 1,
"title": "Description",
"type": "string"
},
"source": {
"description": "The source of this message.",
"properties": {
"pointer": {
"description": "A JSON pointer to the field that is the source of the message.",
"example": "/rules/0/action",
"minLength": 1,
"title": "Pointer",
"type": "string"
}
},
"required": [
"pointer"
],
"title": "Source",
"type": "object"
}
},
"required": [
"message"
],
"title": "Message",
"type": "object"
},
"title": "Messages",
"type": "array"
},
"result": {
"description": "A result.",
"enum": [
null
],
"title": "Result"
},
"success": {
"description": "Whether the API call was successful.",
"enum": [
false
],
"title": "Success",
"type": "boolean"
}
},
"required": [
"result",
"success",
"errors",
"messages"
],
"title": "Failure response",
"type": "object"
}
}
},
"description": "Update an account ruleset rule failure response."
}
}[
{
"api_token": []
},
{
"api_email": [],
"api_key": []
},
{
"api_email": [],
"api_key": []
}
]