
Fastly offers a web application firewall (WAF) security service that allows you to detect malicious request traffic and either log it or log and block it before it reaches your web application. The Fastly WAF provides rules that detect and block potential attacks. The rules are collected into a policy and deployed within your Fastly service at the edge.

Firewall

Firewall object used when configuring WAF.


Fields

field type description
last_push string

Date and time that VCL was last pushed to cache nodes.

prefetch_condition string

Name of the corresponding condition object.

response string

Name of the corresponding response object.

version string

The current version number of a service.

Actions

GET /service/service_id/version/version/wafs

List all firewall objects for a particular service and version.

Authentication

API token.

Parameters
parameter type description
page[size] integer

Limit the number of returned tags.

page[number] integer

Request a specific page of tags.

include string

Include relationships. Optional, comma separated values. Permitted values: configuration_set.

Request Example
GET /service/SU1Z0isxPaozGVKXdv0eY/version/1/wafs
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data" : [
{
"id" : "6hBXhHGly9nQT9PvnA1cRo",
"type" : "waf",
"attributes" : {
"prefetch_condition" : null,
"response" : "waf",
"last_push" : "2016-09-28 22:52:33 UTC",
"version" : "2"
},
"relationships": {
"configuration_set": {
"data": {
"type": "configuration_set",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
}
}
}
],
"links" : {
"first" : "https://api.fastly.com/service/4CkNe7DSkapn8huuYZqpIK/version/2/wafs?page[number]=1&page[size]=100",
"last" : "https://api.fastly.com/service/4CkNe7DSkapn8huuYZqpIK/version/2/wafs?page[number]=1&page[size]=100"
}
}
GET /service/service_id/version/version/wafs/waf_id

Get a specific firewall object.

Authentication

API token.

Parameters
parameter type description
service_id string

The ID of the service.

version integer

The number of the version.

waf_id string

The firewall ID.

Request Example
GET /service/SU1Z0isxPaozGVKXdv0eY/version/1/wafs/3N9YFqslrxuURkTPXGwQbX
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"attributes": {
"last_push": "2016-08-16 17:05:13 UTC",
"prefetch_condition": "WAF-Condition",
"response": "WAF_Error",
"version": "1"
},
"id": "3N9YFqslrxuURkTPXGwQbX",
"relationships": {
"configuration_set": {
"data": {
"id": "3X2wuHEBldz3Hv9HCmxGdL",
"type": "configuration_set"
}
}
},
"type": "waf"
}
}
POST /service/service_id/version/version/wafs

Create a firewall object for a particular service and version.

Authentication

API token.

Request Example
POST /service/SU1Z0isxPaozGVKXdv0eY/version/1/wafs
Fastly-Key: YOUR_FASTLY_TOKEN
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
{
"data": {
"attributes": {
"prefetch_condition": "WAF-Condition",
"response": "WAF_Error"
},
"type": "waf"
}
}
Response Example
HTTP/1.1 201 Created
Content-Type: application/vnd.api+json
{
"data": {
"id": "3N9YFqslrxuURkTPXGwQbX",
"type": "waf",
"attributes": {
"last_push": null,
"prefetch_condition": "WAF-Condition",
"response": "WAF_Error",
"version": "1"
},
"relationships": {
"configuration_set": {
"data": {
"id": "3X2wuHEBldz3Hv9HCmxGdL",
"type": "configuration_set"
}
}
}
}
}
PATCH /service/service_id/version/version/wafs/waf_id

Update a firewall object for a particular service and version.

Authentication

API token.

Request Example
PATCH /service/SU1Z0isxPaozGVKXdv0eY/version/1/wafs/3N9YFqslrxuURkTPXGwQbX
Fastly-Key: YOUR_FASTLY_TOKEN
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
{
"data": {
"attributes": {
"response": "new response"
},
"relationships": {
"configuration_set": {
"data": {
"id": "FASTLY_RULES_ID",
"type": "configuration_set"
}
}
},
"id": "3N9YFqslrxuURkTPXGwQbX",
"type": "waf"
}
}
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"id": "3N9YFqslrxuURkTPXGwQbX",
"type": "waf",
"attributes": {
"last_push": null,
"prefetch_condition": "WAF-Condition",
"response": "new response",
"version": "1"
},
"relationships": {
"configuration_set": {
"data": {
"id": "3X2wuHEBldz3Hv9HCmxGdL",
"type": "configuration_set"
}
}
}
}
}

OWASP

OWASP settings object used when configuring WAF.


Fields

field type description
allowed_html_urls string

A space-separated list of URLs that will not be checked for XSS.

allowed_http_versions string

Allowed HTTP versions (default HTTP/1.0 HTTP/1.1 HTTP/2).

allowed_methods string

A space-separated list of HTTP method names (default GET HEAD POST OPTIONS PUT PATCH DELETE).

allowed_request_content_type string

Allowed request content types (default application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json|text/plain).

arg_length integer

The maximum number of arguments allowed (default 400).

arg_name_length integer

The maximum allowed argument name length (default 100).

brute_force_counter_threshold integer

Brute force attack threshold.

combined_file_sizes integer

The maximum allowed size of all files (in bytes, default 10000000).

created_at string

Date and time that the settings object was created.

critical_anomaly_score integer

Score value to add for critical anomalies (default 6).

crs_validate_utf8_encoding boolean

CRS validate UTF8 encoding.

dos_counter_threshold integer

Denial of service attack threshold.

error_anomaly_score integer

Score value to add for error anomalies (default 5).

high_risk_country_codes string

A space-separated list of high-risk country codes.

http_violation_score_threshold integer

HTTP violation threshold.

inbound_anomaly_score_threshold integer

Inbound anomaly threshold.

lfi_score_threshold integer

Local file injection attack threshold.

max_file_size integer

The maximum allowed file size (in bytes, default 10000000).

max_num_args integer

The maximum number of arguments allowed (default 255).

notice_anomaly_score integer

Score value to add for notice anomalies (default 4).

outbound_anomaly_score_threshold integer

Outbound anomaly threshold.

paranoia_level integer

The configured paranoia level (default 2).

php_injection_score_threshold integer

PHP injection threshold.

rce_score_threshold integer

Remote code execution threshold.

restricted_extensions string

A space-separated list of allowed file extensions (default .asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx).

restricted_headers string

A space-separated list of allowed header names (default /proxy/ /lock-token/ /content-range/ /translate/ /if/).

rfi_score_threshold integer

Remote file inclusion attack threshold.

session_fixation_score_threshold integer

Session fixation attack threshold.

sql_injection_score_threshold integer

SQL injection attack threshold.

total_arg_length integer

The maximum size of argument names and values (default 6400).

trojan_score_threshold integer

Trojan attack threshold.

updated_at string

Date and time that the settings object was last updated.

warning_anomaly_score integer

Score value to add for warning anomalies.

xss_score_threshold integer

XSS attack threshold.

Actions

GET /service/service_id/wafs/waf_id/owasp

Get an OWASP settings object for a particular service and firewall.

Authentication

API token.

Parameters
parameter type description
service_id string

The ID of the service.

waf_id string

The firewall ID.

Request Example
GET /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/owasp
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"id": "3EfaBF7gWjOUxJc8PylEIt",
"type": "owasp",
"attributes": {
"allowed_html_urls": null,
"allowed_http_versions": "HTTP/1.0 HTTP/1.1 HTTP/2",
"allowed_methods": "GET HEAD POST OPTIONS PUT PATCH DELETE",
"allowed_request_content_type": "application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json|text/plain",
"arg_length": 400,
"arg_name_length": 100,
"brute_force_counter_threshold": 999,
"combined_file_sizes": 10000000,
"created_at": "2016-09-09 16:00:17 UTC",
"critical_anomaly_score": 6,
"crs_validate_utf8_encoding": false,
"dos_counter_threshold": 999,
"error_anomaly_score": 5,
"high_risk_country_codes": null,
"http_violation_score_threshold": 999,
"inbound_anomaly_score_threshold": 999,
"lfi_score_threshold": 999,
"max_file_size": 10000000,
"max_num_args": null,
"notice_anomaly_score": 4,
"outbound_anomaly_score_threshold": 999,
"paranoia_level": 2,
"php_injection_score_threshold": 999,
"rce_score_threshold": 999,
"restricted_extensions": ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx",
"restricted_headers": "/proxy/ /lock-token/ /content-range/ /translate/ /if/",
"rfi_score_threshold": 999,
"session_fixation_score_threshold": 999,
"sql_injection_score_threshold": 999,
"total_arg_length": 6400,
"trojan_score_threshold": 999,
"updated_at": "2016-09-09 16:00:17 UTC",
"warning_anomaly_score": 3,
"xss_score_threshold": 999
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
}
}
}
}
POST /service/service_id/wafs/waf_id/owasp

Create an OWASP settings object for a particular service and firewall.

Authentication

API token.

Request Example
POST /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/owasp
Fastly-Key: YOUR_FASTLY_TOKEN
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
{
"data": {
"type": "owasp"
}
}
Response Example
HTTP/1.1 201 Created
Content-Type: application/vnd.api+json
{
"data": {
"id": "3EfaBF7gWjOUxJc8PylEIt",
"type": "owasp",
"attributes": {
"allowed_html_urls": null,
"allowed_http_versions": "HTTP/1.0 HTTP/1.1 HTTP/2",
"allowed_methods": "GET HEAD POST OPTIONS PUT PATCH DELETE",
"allowed_request_content_type": "application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json|text/plain",
"arg_length": 400,
"arg_name_length": 100,
"brute_force_counter_threshold": 999,
"combined_file_sizes": 10000000,
"created_at": "2016-09-09 16:00:17 UTC",
"critical_anomaly_score": 6,
"crs_validate_utf8_encoding": false,
"dos_counter_threshold": 999,
"error_anomaly_score": 5,
"high_risk_country_codes": null,
"http_violation_score_threshold": 999,
"inbound_anomaly_score_threshold": 999,
"lfi_score_threshold": 999,
"max_file_size": 10000000,
"max_num_args": null,
"notice_anomaly_score": 4,
"outbound_anomaly_score_threshold": 999,
"paranoia_level": 2,
"php_injection_score_threshold": 999,
"rce_score_threshold": 999,
"restricted_extensions": ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx",
"restricted_headers": "/proxy/ /lock-token/ /content-range/ /translate/ /if/",
"rfi_score_threshold": 999,
"session_fixation_score_threshold": 999,
"sql_injection_score_threshold": 999,
"total_arg_length": 6400,
"trojan_score_threshold": 999,
"updated_at": "2016-09-09 16:00:17 UTC",
"warning_anomaly_score": 3,
"xss_score_threshold": 999
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
}
}
}
}
PATCH /service/service_id/wafs/waf_id/owasp

Update an OWASP settings object for a particular service and firewall.

Authentication

API token.

Request Example
PATCH /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/owasp
Fastly-Key: YOUR_FASTLY_TOKEN
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
{
"data": {
"attributes": {
"brute_force_counter_threshold": 42
},
"id": "3EfaBF7gWjOUxJc8PylEIt",
"type": "owasp"
}
}
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"id": "3EfaBF7gWjOUxJc8PylEIt",
"type": "owasp",
"attributes": {
"allowed_html_urls": null,
"allowed_http_versions": "HTTP/1.0 HTTP/1.1 HTTP/2",
"allowed_methods": "GET HEAD POST OPTIONS PUT PATCH DELETE",
"allowed_request_content_type": "application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json|text/plain",
"arg_length": 400,
"arg_name_length": 100,
"brute_force_counter_threshold": 42,
"combined_file_sizes": 10000000,
"created_at": "2016-09-09 16:00:17 UTC",
"critical_anomaly_score": 6,
"crs_validate_utf8_encoding": false,
"dos_counter_threshold": 999,
"error_anomaly_score": 5,
"high_risk_country_codes": null,
"http_violation_score_threshold": 999,
"inbound_anomaly_score_threshold": 999,
"lfi_score_threshold": 999,
"max_file_size": 10000000,
"max_num_args": null,
"notice_anomaly_score": 4,
"outbound_anomaly_score_threshold": 999,
"paranoia_level": 2,
"php_injection_score_threshold": 999,
"rce_score_threshold": 999,
"restricted_extensions": ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx",
"restricted_headers": "/proxy/ /lock-token/ /content-range/ /translate/ /if/",
"rfi_score_threshold": 999,
"session_fixation_score_threshold": 999,
"sql_injection_score_threshold": 999,
"total_arg_length": 6400,
"trojan_score_threshold": 999,
"updated_at": "2016-09-09 16:00:17 UTC",
"warning_anomaly_score": 3,
"xss_score_threshold": 999
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
}
}
}
}
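
A configuration-drift check over the OWASP settings object described above, as an added example that is not part of Fastly's documentation or tooling. The baseline holds only the defaults stated in the field descriptions; the sample response, the `OWASP_ID_PLACEHOLDER` id and the function names are constructed for illustration.

```python
# Defaults as stated in the field descriptions on this page.
DOCUMENTED_DEFAULTS = {
    "allowed_http_versions": "HTTP/1.0 HTTP/1.1 HTTP/2",
    "allowed_methods": "GET HEAD POST OPTIONS PUT PATCH DELETE",
    "arg_length": 400,
    "arg_name_length": 100,
    "combined_file_sizes": 10000000,
    "critical_anomaly_score": 6,
    "error_anomaly_score": 5,
    "max_file_size": 10000000,
    "max_num_args": 255,
    "notice_anomaly_score": 4,
    "paranoia_level": 2,
    "total_arg_length": 6400,
}

# Space-separated list fields: compare as sets so token order is not drift.
LIST_FIELDS = {"allowed_http_versions", "allowed_methods"}

# Constructed sample in the shape of the GET .../owasp response (not real data).
SAMPLE_RESPONSE = {
    "data": {
        "id": "OWASP_ID_PLACEHOLDER",
        "type": "owasp",
        "attributes": {
            "allowed_http_versions": "HTTP/1.1 HTTP/1.0 HTTP/2",  # reordered only
            "allowed_methods": "GET HEAD POST OPTIONS PUT PATCH DELETE TRACE",
            "arg_length": 400,
            "arg_name_length": 100,
            "combined_file_sizes": 10000000,
            "critical_anomaly_score": 6,
            "error_anomaly_score": 5,
            "max_file_size": 10000000,
            "max_num_args": None,  # the page's response examples also show null
            "notice_anomaly_score": 4,
            "paranoia_level": 1,
            "total_arg_length": 6400,
        },
    }
}


def _normalize(field, value):
    """Turn list-valued strings into sets; leave everything else unchanged."""
    if field in LIST_FIELDS and isinstance(value, str):
        return frozenset(value.split())
    return value


def find_drift(document, baseline=DOCUMENTED_DEFAULTS):
    """Return {field: details} for every baseline field whose value differs."""
    data = document["data"]
    if data.get("type") != "owasp":
        raise ValueError("not an owasp settings document")
    attrs = data.get("attributes", {})
    drift = {}
    for field, expected in baseline.items():
        actual = attrs.get(field)
        if _normalize(field, actual) == _normalize(field, expected):
            continue
        entry = {"expected": expected, "actual": actual}
        if field in LIST_FIELDS and isinstance(actual, str):
            have, want = set(actual.split()), set(expected.split())
            entry["extra"] = sorted(have - want)
            entry["missing"] = sorted(want - have)
        drift[field] = entry
    return drift


def build_restore_patch(document, drift):
    """Build a PATCH body (same shape as the request example) restoring the baseline."""
    return {
        "data": {
            "attributes": {f: d["expected"] for f, d in sorted(drift.items())},
            "id": document["data"]["id"],
            "type": "owasp",
        }
    }


if __name__ == "__main__":
    found = find_drift(SAMPLE_RESPONSE)
    for name, detail in sorted(found.items()):
        print(name, detail)
    print(build_restore_patch(SAMPLE_RESPONSE, found))
```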

Rules

Rules used when configuring WAF. Rules can be filtered by rule_id.


Fields

field type description
accuracy integer

Accuracy metadata of the rule.

maturity integer

Maturity metadata for the rule.

message string

Message metadata for the rule.

revision string

Revision metadata for the rule.

rule_id integer

Corresponding ModSecurity rule ID.

severity integer

Severity metadata for the rule.

version string

Version metadata for the rule.

Actions

GET /wafs/rules

List all rules.

Authentication

API token.

Parameters
parameter type description
filter[rule_id] integer

Limit the returned rules to a specific rule ID.

filter[version] integer

Limit the returned rules to a specific version.

filter[revision] string

Limit the returned rules to a specific revision.

filter[severity] string

Limit the returned rules to a specific severity.

filter[maturity] string

Limit the returned rules to a specific maturity.

filter[tags][name] string

Limit the returned rules to a set linked to a tag by name.

page[size] integer

Limit the number of returned tags.

page[number] integer

Request a specific page of tags.

include array

Include relationships. Optional, comma separated values. Permitted values: rules.

Request Example
GET /wafs/rules?filter[rule_id]=2044149
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data" : [
{
"type" : "rule",
"id" : 949120,
"attributes" : {
"version" : null,
"revision" : null,
"rule_id" : 949120,
"severity" : 2,
"accuracy" : null,
"maturity" : null,
"message" : "Cross-site Scripting (XSS) Anomaly Threshold Exceeded (XSS Score: %{TX.XSS_SCORE})"
}
}
],
"links" : {
"last" : "https://api.fastly.com/wafs/rules?page[number]=204&page[size]=1",
"first" : "https://api.fastly.com/wafs/rules?page[number]=1&page[size]=1",
"next" : "https://api.fastly.com/wafs/rules?page[number]=2&page[size]=1"
}
}
GET /wafs/rules/rule_id

Get a specific rule.

Authentication

API token.

Parameters
parameter type description
rule_id integer

The rule ID.

Request Example
GET /wafs/rules/2044149
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"attributes": {
"accuracy": null,
"maturity": null,
"message": "SLR: Xpoze account/user/mail.html reed Parameter SQL Injection",
"revision": "032714",
"rule_id": 2044149,
"severity": 2,
"version": null
},
"id": 2044149,
"relationships": {
"tags": {
"data": [
{
"id": "1eAnWPBCtR2Ayq6yey0nPm",
"type": "tag"
}
]
}
},
"type": "rule"
}
}
GET /wafs/rules/rule_id/vcl

Get associated VCL for a specific rule.

Authentication

API token.

Parameters
parameter type description
rule_id integer

The rule ID.

Request Example
GET /wafs/rules/2044149/vcl
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"id": "2044149-vcl",
"type": "rule_vcl",
"attributes": {
"vcl": "sub waf_ruleset {\n declare local var.postbody STRING;\n set var.postbody = req.postbody;\n\n workspace.snapshot;\n\n set waf.rule_id = 943011;\n\n call waf_debug_log;\n workspace.restore;\n goto WAF_MARKER_0;\n\n workspace.restore;\n\n if (waf.blocked || waf.logged) {\n return;\n }\n}"
},
"relationships": {
"rule": {
"data": {
"id": 2044149,
"type": "rule"
}
}
}
}
}
GET /wafs/waf_id/rules/rule_id/vcl

Get associated VCL for a specific rule associated with a specific firewall.

Authentication

API token.

Parameters
parameter type description
waf_id string

The firewall ID.

rule_id integer

The rule ID.

Request Example
GET /wafs/2aRci7GLsXVO9vFo9x0Ih4/rules/2044149/vcl
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"id": "2044149-2aRci7GLsXVO9vFo9x0Ih4-vcl",
"type": "rule_vcl",
"attributes": {
"vcl": "/*\nThis is a report of changes to the rules you have configured when generating\nVCL. Rules may be edited or removed depending on the configuration of your\nWAF.\n\nParanoiaFilter:\n\n 943011: removed due to being above paranoia level 2\n*/\n\nsub waf_ruleset {\n declare local var.postbody STRING;\n set var.postbody = req.postbody;\n\n if (waf.blocked || waf.logged) {\n return;\n }\n}"
},
"relationships": {
"rule": {
"data": {
"id": 2044149,
"type": "rule"
}
}
}
}
}

Rule statuses

Rule status determines the state of a rule for a given firewall object.


Fields

field type description
status string

The behavior of the VCL generated for the particular rule and firewall pair. Allowed values include: log, block, and disabled.

Actions

GET /service/service_id/wafs/waf_id/rule_statuses

List all rule statuses for a particular service and firewall.

Authentication

API token.

Parameters
parameter type description
filter[status] string

Limit results to rule statuses with the specified status.

filter[rule][accuracy] integer

Limit results to rule statuses whose rules have the specified accuracy.

filter[rule][maturity] integer

Limit results to rule statuses whose rules have the specified maturity.

filter[rule][message] string

Limit results to rule statuses whose rules have the specified message.

filter[rule][revision] integer

Limit results to rule statuses whose rules have the specified revision.

filter[rule][rule_id] string

Limit results to rule statuses whose rules represent the specified ModSecurity rule_id.

filter[rule][tags] integer

Limit results to rule statuses whose rules relate to the specified tag IDs.

filter[rule][tags][name] string

Limit results to rule statuses whose rules relate to the named tags.

filter[rule][version] string

Limit results to rule statuses whose rules have the specified version.

include array

Include relationships. Optional, comma separated values. Permitted values: tags.

page[size] integer

Limit the number of returned tags.

page[number] integer

Request a specific page of tags.

Request Example
GET /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/rule_statuses?filter[tags][name]=application-FBC%20Market
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"links" : {
"last" : "https://api.fastly.com/service/4CkNe7DSkapn8huuYZqpIK/wafs/6hBXhHGly9nQT9PvnA1cRo/rule_statuses?page[number]=1&page[size]=100",
"first" : "https://api.fastly.com/service/4CkNe7DSkapn8huuYZqpIK/wafs/6hBXhHGly9nQT9PvnA1cRo/rule_statuses?page[number]=1&page[size]=100"
},
"data" : [
{
"type" : "rule_status",
"id" : "6hBXhHGly9nQT9PvnA1cRo-20100878",
"attributes" : {
"status" : "log"
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
},
"rule": {
"data": {
"type": "rule",
"id": 20100878
}
}
}
},
{
"id" : "6hBXhHGly9nQT9PvnA1cRo-949110",
"type" : "rule_status",
"attributes" : {
"status" : "disabled"
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
},
"rule": {
"data": {
"type": "rule",
"id": 949110
}
}
}
},
{
"type" : "rule_status",
"id" : "6hBXhHGly9nQT9PvnA1cRo-913120",
"attributes" : {
"status" : "log"
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
},
"rule": {
"data": {
"type": "rule",
"id": 913120
}
}
}
}
]
}
GET /service/service_id/wafs/waf_id/rules/rule_id/rule_status

Get a specific rule status object for a particular service, firewall, and rule.

Authentication

API token.

Parameters
parameter type description
service_id string

The ID of the service.

rule_id integer

The ID of the rule associated with the rule status.

waf_id string

The firewall ID.

Request Example
GET /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/rules/913120/rule_status
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"attributes": {
"status": "log"
},
"id": "3N9YFqslrxuURkTPXGwQbX-913120",
"relationships": {
"rule": {
"data": [
{
"id": 913120,
"type": "rule"
}
]
},
"waf": {
"data": [
{
"id": "3N9YFqslrxuURkTPXGwQbX",
"type": "waf"
}
]
}
},
"type": "rule_status"
}
}
PATCH /service/service_id/wafs/waf_id/rules/rule_id/rule_status

Update a rule status for a particular service, firewall, and rule.

Authentication

API token.

Request Example
PATCH /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/rules/913120/rule_status
Fastly-Key: YOUR_FASTLY_TOKEN
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
{
"data": {
"attributes": {
"status": "block"
},
"id": "3N9YFqslrxuURkTPXGwQbX-913120",
"type": "rule_status"
}
}
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"attributes": {
"status": "block"
},
"id": "3N9YFqslrxuURkTPXGwQbX-913120",
"type": "rule_status"
}
}
POST /service/service_id/wafs/waf_id/rule_statuses

Create or update all rule statuses for a particular service and firewall, based on tag name.

Authentication

API token.

Request Example
POST /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/rule_statuses
Fastly-Key: YOUR_FASTLY_TOKEN
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
{
"data": {
"attributes": {
"status": "block",
"name": "application-FBC Market"
},
"id": "3N9YFqslrxuURkTPXGwQbX-913120",
"type": "rule_status"
}
}
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": [
{
"id": "3N9YFqslrxuURkTPXGwQbX-913120",
"type": "rule_status",
"attributes": {
"status": "block",
"name": "application-FBC Market"
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
},
"rule": {
"data": {
"type": "rule",
"id": 913120
}
}
}
}
]
}
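
An audit of which rules are actually blocking, built on the rule status responses above, as an added example that is not part of Fastly's documentation or tooling. The sample pages, `WAF_ID_PLACEHOLDER`, rule ID 1000001 and the function names are constructed; the parser accepts both relationship shapes shown on this page (object in the list response, array in the single-object response) and falls back to the `waf_id-rule_id` form of `id` when `relationships` is absent, as in the PATCH response.

```python
from collections import defaultdict

# Values listed for the status field on this page.
ALLOWED_STATUSES = {"log", "block", "disabled"}

# Constructed sample pages in the shape of the rule_statuses responses.
SAMPLE_PAGES = [
    {
        "links": {"next": "NEXT_PAGE_URL_PLACEHOLDER"},
        "data": [
            {"type": "rule_status", "id": "WAF_ID_PLACEHOLDER-20100878",
             "attributes": {"status": "log"},
             "relationships": {"rule": {"data": {"type": "rule", "id": 20100878}}}},
            {"type": "rule_status", "id": "WAF_ID_PLACEHOLDER-949110",
             "attributes": {"status": "disabled"},
             "relationships": {"rule": {"data": {"type": "rule", "id": 949110}}}},
        ],
    },
    {
        "links": {},
        "data": [
            # Array-shaped relationship, as in the single-object GET example.
            {"type": "rule_status", "id": "WAF_ID_PLACEHOLDER-913120",
             "attributes": {"status": "log"},
             "relationships": {"rule": {"data": [{"type": "rule", "id": 913120}]}}},
            # No relationships member, as in the PATCH response example.
            {"type": "rule_status", "id": "WAF_ID_PLACEHOLDER-1000001",
             "attributes": {"status": "block"}},
        ],
    },
]


def rule_id_of(item):
    """Extract the rule ID from a rule_status resource in any shape seen above."""
    ref = item.get("relationships", {}).get("rule", {}).get("data")
    if isinstance(ref, list):
        if len(ref) != 1:
            raise ValueError("expected exactly one related rule")
        ref = ref[0]
    if isinstance(ref, dict):
        return int(ref["id"])
    # Fallback: the resource id has the form "<waf_id>-<rule_id>".
    return int(item["id"].rsplit("-", 1)[1])


def summarize_rule_statuses(pages):
    """Group rule IDs by status across one or more response pages."""
    by_status = defaultdict(list)
    for page in pages:
        for item in page.get("data", []):
            if item.get("type") != "rule_status":
                continue
            status = item["attributes"]["status"]
            if status not in ALLOWED_STATUSES:
                raise ValueError(f"unexpected status {status!r}")
            by_status[status].append(rule_id_of(item))
    return {status: sorted(ids) for status, ids in by_status.items()}


def non_blocking_rules(summary):
    """Rule IDs that only log or are disabled, i.e. will not stop a request."""
    return sorted(summary.get("log", []) + summary.get("disabled", []))


def build_status_patch(waf_id, rule_id, status):
    """Build the PATCH .../rule_status body in the shape of the request example."""
    if status not in ALLOWED_STATUSES:
        raise ValueError(f"status must be one of {sorted(ALLOWED_STATUSES)}")
    return {
        "data": {
            "attributes": {"status": status},
            "id": f"{waf_id}-{rule_id}",
            "type": "rule_status",
        }
    }


if __name__ == "__main__":
    summary = summarize_rule_statuses(SAMPLE_PAGES)
    print(summary)
    print("not blocking:", non_blocking_rules(summary))
```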

Rule sets

Set of rules enabled for a firewall object when configuring WAF.


Fields

field type description
last_push string

Date and time that VCL was last pushed to cache nodes.

vcl string

The VCL generated from the rule set.

Actions

GET /service/service_id/wafs/waf_id/ruleset

Get a rule set for a particular service and firewall object.

Authentication

API token.

Parameters
parameter type description
service_id string

The ID of the service.

waf_id string

The firewall ID.

preview boolean

If present, allows for preview of generated VCL before pushing to cache nodes.

Request Example
GET /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/ruleset?preview=true
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"attributes": {
"last_push": "2016-08-16 17:05:13 UTC",
"vcl": "sub waf_ruleset {\n\n}"
},
"id": "3N9YFqslrxuURkTPXGwQbX",
"type": "ruleset"
}
}
PATCH /service/service_id/wafs/waf_id/ruleset

Update a rule set for a particular service and firewall object. If moving to a new configuration set, use the URL in the response to view the rule update status.

Authentication

API token.

Request Example
PATCH /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/ruleset
Fastly-Key: YOUR_FASTLY_TOKEN
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
{
"data": {
"id": "3N9YFqslrxuURkTPXGwQbX",
"type": "ruleset"
}
}
Response Example
HTTP/1.1 202 Accepted
Content-Type: application/vnd.api+json
{
"data": {
"attributes": {
"last_push": "2016-08-20 23:05:13 UTC",
"vcl": "sub waf_ruleset {\n\n}"
},
"id": "3N9YFqslrxuURkTPXGwQbX",
"type": "ruleset"
},
"links": {
"related": {
"href": "https://api.fastly.com/service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/update_statuses/yAyllcStMc0SN1g6FYhZ6"
}
}
}

Tags

Tags for categorizing WAF rules. Tags can be filtered by name.


Fields

field type description
name string

Name of the tag.

Actions

GET /wafs/tags

List all tags.

Authentication

API token.

Parameters
parameter type description
filter[name] string

Limit the returned tags to a specific name.

page[size] integer

Limit the number of returned tags.

page[number] integer

Request a specific page of tags.

include array

Include relationships. Optional, comma separated values. Permitted values: rules.

Request Example
GET /wafs/tags?filter[name]=application-FBC%20Market&include=rules
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"links" : {
"next" : "https://api.fastly.com/wafs/tags?page[number]=2&page[size]=100",
"last" : "https://api.fastly.com/wafs/tags?page[number]=201&page[size]=100",
"first" : "https://api.fastly.com/wafs/tags?page[number]=1&page[size]=100"
},
"data" : [
{
"id" : "YfnzrNCQoMPLTpw7ej9wE",
"type" : "tag",
"attributes" : {
"name" : "OWASP"
},
"relationships" : {
"rules" : {
"data" : [
{
"id" : 930110,
"type" : "rule"
},
{
"id" : 911100,
"type" : "rule"
},
{
"id" : 931013,
"type" : "rule"
},
{
"id" : 931015,
"type" : "rule"
}
]
}
}
},
{
"type" : "tag",
"attributes" : {
"name" : "WASCTC/WASC-37"
},
"id" : "6PAayRUwMORbeVMZuGTqk3",
"relationships" : {
"rules" : {
"data" : [
{
"id" : 930110,
"type" : "rule"
},
{
"id" : 911100,
"type" : "rule"
},
{
"id" : 931013,
"type" : "rule"
},
{
"id" : 931015,
"type" : "rule"
}
]
}
}
}
]
}

Configuration sets

Configuration set object used to view and select the available versions of the Fastly WAF rules.


Fields

field type description
active string

The active configuration set is the default configuration set when creating a new WAF. When Fastly adds configuration sets, the new versions become the default (active).

name string

The name of the configuration set.

Actions

GET /wafs/configuration_sets

List all Fastly WAF rule versions.

Authentication

API token.

Request Example
GET /wafs/configuration_sets
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": [{
"id": "70xVgu04fKtYkQ4GPtYi62",
"type": "configuration_set",
"attributes": {
"active": true,
"name": "v2 2017-04-17T21:04:00+00:00"
}
}, {
"id": "20Z3oX04WvubaaZto5H5Ch",
"type": "configuration_set",
"attributes": {
"active": false,
"name": "v1 2017-02-17T21:04:00+00:00"
}
}],
"links": {
"last": "http://api.fastly.com/wafs/configuration_sets?page[number]=1&page[size]=100",
"first": "http://api.fastly.com/wafs/configuration_sets?page[number]=1&page[size]=100"
}
}
GET /wafs/configuration_sets/configuration_set_id/relationships/wafs

List the WAF objects currently using the specified configuration set.

Authentication

API token.

Request Example
GET /wafs/configuration_sets/70xVgu04fKtYkQ4GPtYi62/relationships/wafs
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": [{
"id": "4MYgVaNHjh8UhQ8feFR8Sz",
"type": "waf"
}],
"links": {
"first": "http://api.fastly.com/wafs/configuration_sets/70xVgu04fKtYkQ4GPtYi62/relationships/wafs?page[number]=1&page[size]=100",
"last": "http://api.fastly.com/wafs/configuration_sets/70xVgu04fKtYkQ4GPtYi62/relationships/wafs?page[number]=1&page[size]=100"
}
}
PATCH /wafs/configuration_sets/configuration_set_id/relationships/wafs

Update one or more WAF objects to use the specified configuration set.

Authentication

API token.

Request Example
PATCH /wafs/configuration_sets/70xVgu04fKtYkQ4GPtYi62/relationships/wafs
Fastly-Key: YOUR_FASTLY_TOKEN
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
{
"data": [
{
"id": "4MYgVaNHjh8UhQ8feFR8Sz",
"type": "waf"
}
]
}
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": [
{
"id": "4MYgVaNHjh8UhQ8feFR8Sz",
"type": "waf"
}
],
"links": {
"first": "http://api.fastly.com/wafs/configuration_sets/70xVgu04fKtYkQ4GPtYi62/relationships/wafs?page[number]=1&page[size]=100",
"last": "http://api.fastly.com/wafs/configuration_sets/70xVgu04fKtYkQ4GPtYi62/relationships/wafs?page[number]=1&page[size]=100"
}
}

Update statuses

Update status indicates the status of an asynchronous process for updating a firewall object.


Fields

field type description
completed_at string

Date and time that job was completed.

created_at string

Date and time that job was created.

message string

Message with information about the status of the update.

status string

Current status of the update.

updated_at string

Date and time that job was last updated.

Actions

GET /service/service_id/wafs/waf_id/update_statuses

List all update statuses for a particular service and firewall object.

Authentication

API token.

Parameters
parameter type description
page[size] integer

Limit the number of returned tags.

page[number] integer

Request a specific page of tags.

include string

Include relationships. Optional, comma separated values. Permitted values: waf.

Request Example
GET /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/update_statuses
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"links" : {
"last" : "https://api.fastly.com/service/4CkNe7DSkapn8huuYZqpIK/wafs/6hBXhHGly9nQT9PvnA1cRo/update_statuses",
"next" : "https://api.fastly.com/service/4CkNe7DSkapn8huuYZqpIK/wafs/6hBXhHGly9nQT9PvnA1cRo/update_statuses",
"first" : "https://api.fastly.com/service/4CkNe7DSkapn8huuYZqpIK/wafs/6hBXhHGly9nQT9PvnA1cRo/update_statuses"
},
"data" : [
{
"type" : "waf_update_status",
"id" : "4VCeAYJS32HTWxSWMItJav",
"attributes" : {
"created_at" : "2016-09-28 21:01:29 UTC",
"status" : "complete",
"message" : null,
"completed_at" : "2016-09-28 21:01:30 UTC",
"updated_at" : "2016-09-28 21:01:30 UTC"
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
}
}
},
{
"type" : "waf_update_status",
"id" : "2tFRS2wX75drVS28750KlM",
"attributes" : {
"status" : "complete",
"created_at" : "2016-09-27 23:09:50 UTC",
"completed_at" : "2016-09-27 23:09:50 UTC",
"message" : null,
"updated_at" : "2016-09-27 23:09:50 UTC"
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
}
}
}
]
}
GET /service/service_id/wafs/waf_id/update_statuses/update_status_id

Get a specific update status object for a particular service and firewall object.

Authentication

API token.

Parameters
parameter type description
service_id string

The ID of the service.

waf_id string

The firewall ID.

update_status_id string

The update status ID.

Request Example
GET /service/SU1Z0isxPaozGVKXdv0eY/wafs/3N9YFqslrxuURkTPXGwQbX/update_statuses/2pdQfKTKioi2wa7HZaMR7A
Fastly-Key: YOUR_FASTLY_TOKEN
Accept: application/vnd.api+json
Response Example
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json
{
"data": {
"id": "2pdQfKTKioi2wa7HZaMR7A",
"type": "waf_update_status",
"attributes": {
"completed_at": "2016-09-09 16:10:49 UTC",
"created_at": "2016-09-09 16:10:49 UTC",
"message": null,
"status": "complete",
"updated_at": "2016-09-09 16:10:49 UTC"
},
"relationships": {
"waf": {
"data": {
"type": "waf",
"id": "x4xCwxxJxGCx123Rx5xTx"
}
}
}
}
}