Rulesets API

This guide is for the Rulesets API, used to control your WAF IP and WAF ID based rulesets. Please see the API overview for information on using the Nova API.


Examples

List Rules

This will return a list of your rulesets, allowed and denied/blocked. This only works if your Organisation has one WAF Profile.

Variables

Method: GET
Endpoint: /api/rulesets/{what}

Variables:
 - what: ips|waf-rules

Response

{
    "success": true,
    "data": {
        "allowed": [
            "192.168.99.0/24",
            "192.168.10.53/32"
        ],
        "blocked": [
            "127.0.0.99",
            "127.0.0.100"
        ]
    }
}

Add an IP

Add an IP to either the allowed or blocked IP list. This only works if your Organisation has one WAF Profile.

Variables

Method: POST
Endpoint: /api/rulesets/addIp

Variables: 
 - list: allowed|blocked
 - ip: IP or IP/CIDR

Response

{
    "success": true,
    "data": {
        "message": "The allowed list was updated to add 192.168.10.53/32"
    }
}

Remove an IP

Remove an IP from either the allowed or blocked IP list. This only works if your Organisation has one WAF Profile.

Variables

Method: POST
Endpoint: /api/rulesets/removeIp

Variables: 
 - list: allowed|blocked
 - ip: IP or IP/CIDR

Response

{
    "success": true,
    "data": {
        "message": "The allowed list was updated to remove 192.168.10.50/32"
    }
}

Deploy changes

Since the introduction of WAF Profiles changes will deploy automatically when you add or remove an IP from the list.


List WAF Profiles

This will return a list of your WAF Profiles.

Variables

Method: GET
Endpoint: /api/waf/profiles

Response

{
    "success": true,
    "data": {
        "profiles": [
            {
                 "id": 4,
                 "name": "Red Profile",
                 "is_default": true
            }, {
                 "id": 5,
                 "name": "Blue Profile",
                 "is_default": false
            }
        ]
    }
}

List WAF Profile Rules

This will return a list of your rulesets for a specific WAF Profile, allowed and denied/blocked.

Variables

Method: GET
Endpoint: /api/rulesets/{profile_id}/{what}

Variables:
 - profile_id: integer
 - what: ips|waf-rules

Response

{
    "success": true,
    "data": {
        "allowed": [
            "192.168.99.0/24",
            "192.168.10.53/32"
        ],
        "blocked": [
            "127.0.0.99",
            "127.0.0.100"
        ]
    }
}

Add an IP to a WAF Profile

Add an IP to either the allowed or blocked IP list for a specific WAF Profile.

Variables

Method: POST
Endpoint: /api/rulesets/{profile_id}/addIp

Variables: 
 - profile_id: integer
 - list: allowed|blocked
 - ip: IP or IP/CIDR

Response

{
    "success": true,
    "data": {
        "message": "The allowed list was updated to add 192.168.10.53/32"
    }
}

Remove an IP from a WAF Profile

Remove an IP from either the allowed or blocked IP list on a specific WAF Profile.

Variables

Method: POST
Endpoint: /api/rulesets/{profile_id}/removeIp

Variables:  
 - profile_id: integer
 - list: allowed|blocked
 - ip: IP or IP/CIDR

Response

{
    "success": true,
    "data": {
        "message": "The allowed list was updated to remove 192.168.10.50/32"
    }
}