Firewall versions

Firewall version objects contain all of the rules and settings for your WAF and remain empty until properly configured. To understand the behavior of thresholds and scores, see Managing rules. Newly created firewall versions are initiated without any associated rules. See Active Rules for details. Changes to your WAF's rules and settings can be made by cloning an existing firewall version, making the changes, and then activating the new firewall version.

Data model

activebooleanWhether a specific firewall version is currently deployed.
active_rules_fastly_block_countintegerThe number of active Fastly rules set to block.
active_rules_fastly_log_countintegerThe number of active Fastly rules set to log.
active_rules_fastly_score_countintegerThe number of active Fastly rules set to score.
active_rules_owasp_block_countintegerThe number of active OWASP rules set to block.
active_rules_owasp_log_countintegerThe number of active OWASP rules set to log.
active_rules_owasp_score_countintegerThe number of active OWASP rules set to score.
active_rules_trustwave_block_countintegerThe number of active Trustwave rules set to block.
active_rules_trustwave_log_countintegerThe number of active Trustwave rules set to log.
allowed_http_versionsstringAllowed HTTP versions.
allowed_methodsstringA space-separated list of HTTP method names.
allowed_request_content_typestringAllowed request content types.
allowed_request_content_type_charsetstringAllowed request content type charset.
arg_lengthintegerThe maximum number of arguments allowed.
arg_name_lengthintegerThe maximum allowed argument name length.
combined_file_sizesintegerThe maximum allowed size of all files (in bytes).
commentstringA freeform descriptive note.
created_atstringTime-stamp (GMT) when the firewall version was created.
critical_anomaly_scoreintegerScore value to add for critical anomalies.
crs_validate_utf8_encodingbooleanCRS validate UTF8 encoding.
deployed_atstringTime-stamp (GMT) indicating when the firewall version was last deployed.
errorstringContains error message if the firewall version fails to deploy.
error_anomaly_scoreintegerScore value to add for error anomalies.
high_risk_country_codesstringA space-separated list of country codes in ISO 3166-1 (two-letter) format.
http_violation_score_thresholdintegerHTTP violation threshold.
inbound_anomaly_score_thresholdintegerInbound anomaly threshold.
last_deployment_statusstringThe status of the last deployment of this firewall version.
lfi_score_thresholdintegerLocal file inclusion attack threshold.
lockedbooleanWhether a specific firewall version is locked from being modified.
max_file_sizeintegerThe maximum allowed file size, in bytes.
max_num_argsintegerThe maximum number of arguments allowed.
notice_anomaly_scoreintegerScore value to add for notice anomalies.
numberintegerInteger identifying a WAF firewall version.
paranoia_levelintegerThe configured paranoia level.
php_injection_score_thresholdintegerPHP injection threshold.
rce_score_thresholdintegerRemote code execution threshold.
restricted_extensionsstringA space-separated list of allowed file extensions.
restricted_headersstringA space-separated list of allowed header names.
rfi_score_thresholdintegerRemote file inclusion attack threshold.
session_fixation_score_thresholdintegerSession fixation attack threshold.
sql_injection_score_thresholdintegerSQL injection attack threshold.
total_arg_lengthintegerThe maximum size of argument names and values.
updated_atstringTime-stamp (GMT) when the firewall version was last updated.
warning_anomaly_scoreintegerScore value to add for warning anomalies.
xss_score_thresholdintegerXSS attack threshold.

Endpoints

List firewall versions

GET/waf/firewalls/firewall_id/versions

Create a firewall version

POST/waf/firewalls/firewall_id/versions

Get a firewall version

GET/waf/firewalls/firewall_id/versions/firewall_version_number

Update a firewall version

PATCH/waf/firewalls/firewall_id/versions/firewall_version_number

Clone a firewall version

PUT/waf/firewalls/firewall_id/versions/firewall_version_number/clone

Deploy or activate a firewall version

PUT/waf/firewalls/firewall_id/versions/firewall_version_number/activate