Replace Application Firewall.

PUT

/api/config/namespaces/{metadata.namespace}/app_firewalls/{metadata.name}

curl --request PUT \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/config/namespaces/example/app_firewalls/example \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "metadata": { "annotations": {}, "description": "example", "disable": true, "labels": {}, "name": "example", "namespace": "example" }, "spec": { "allow_all_response_codes": {}, "allowed_response_codes": { "response_code": [ 1 ] }, "blocking": {}, "blocking_page": { "blocking_page": "example", "response_code": "EmptyStatusCode" }, "bot_protection_setting": { "good_bot_action": "BLOCK", "malicious_bot_action": "BLOCK", "suspicious_bot_action": "BLOCK" }, "custom_anonymization": { "anonymization_config": [ { "cookie": { "cookie_name": "example" }, "http_header": { "header_name": "example" }, "query_parameter": { "query_param_name": "example" } } ] }, "default_anonymization": {}, "default_bot_setting": {}, "default_detection_settings": {}, "detection_settings": { "bot_protection_setting": { "good_bot_action": "BLOCK", "malicious_bot_action": "BLOCK", "suspicious_bot_action": "BLOCK" }, "default_bot_setting": {}, "default_violation_settings": {}, "disable_staging": {}, "disable_suppression": {}, "disable_threat_campaigns": {}, "enable_suppression": {}, "enable_threat_campaigns": {}, "signature_selection_setting": { "attack_type_settings": { "disabled_attack_types": [ "ATTACK_TYPE_NONE" ] }, "default_attack_type_settings": {}, "high_medium_accuracy_signatures": {}, "high_medium_low_accuracy_signatures": {}, "only_high_accuracy_signatures": {} }, "stage_new_and_updated_signatures": { "staging_period": 1 }, "stage_new_signatures": { "staging_period": 1 }, "violation_settings": { "disabled_violation_types": [ "VIOL_NONE" ] }, "violations_view": [ { "description": "example", "enabled": true, "enabled_by_default": "example", "name": "example", "title": "example" } ] }, "disable_ai_enhancements": {}, "disable_anonymization": {}, "enable_ai_enhancements": { "mitigate_high_medium_risk_action": {}, "mitigate_high_risk_action": {} }, "monitoring": {}, "use_default_blocking_page": {} } }'

• F5 Distributed Cloud Console

Replace Application Firewall.

Examples of this operation.

Authorizations

• ApiToken

Parameters

Path Parameters

metadata.namespace

required

string

Namespace This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""

metadata.name

required

string

Name The configuration object to be replaced will be looked up by name.

Request Body^required

Media typeapplication/json

ReplaceRequest is used to replace contents of a app_firewall

This is the input message of the ‘Replace’ RPC.

object

metadata

object

annotations

annotations

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects.

object

description

description

Human readable description for the object.

string

>= 21 characters <= 1200 characters

disable

disable

A value of true will administratively disable the object.

boolean format: boolean

labels

labels

Map of string keys and values that can be used to organize and categorize (scope and select) objects as chosen by the user. Values specified here will be used by selector expression.

object

name

name

This is the name of configuration object. It has to be unique within the namespace. It can only be specified during create API and cannot be changed during replace API. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 6 characters <= 1024 characters

namespace

namespace

This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""

string

>= 6 characters <= 1024 characters

spec

object

allow_all_response_codes

object

allowed_response_codes

object

response_code

response_code

List of HTTP response status codes that are allowed Required: YES.

Array<integer>

>= 1 items <= 48 items

blocking

object

blocking_page

object

blocking_page

blocking_page

Define the content of the response page (e.g., an HTML document or a JSON object), use the {{request_id}} placeholder to provide users with a unique identifier to be able to trace the blocked request in the logs. The maximum allowed size of response body is 4096 bytes after base64 encoding, which would be about 3070 bytes in plain text.

string

<= 4096 characters

response_code

string

default: EmptyStatusCode

Allowed values: EmptyStatusCode Continue OK Created Accepted NonAuthoritativeInformation NoContent ResetContent PartialContent MultiStatus AlreadyReported IMUsed MultipleChoices MovedPermanently Found SeeOther NotModified UseProxy TemporaryRedirect PermanentRedirect BadRequest Unauthorized PaymentRequired Forbidden NotFound MethodNotAllowed NotAcceptable ProxyAuthenticationRequired RequestTimeout Conflict Gone LengthRequired PreconditionFailed PayloadTooLarge URITooLong UnsupportedMediaType RangeNotSatisfiable ExpectationFailed MisdirectedRequest UnprocessableEntity Locked FailedDependency UpgradeRequired PreconditionRequired TooManyRequests RequestHeaderFieldsTooLarge InternalServerError NotImplemented BadGateway ServiceUnavailable GatewayTimeout HTTPVersionNotSupported VariantAlsoNegotiates InsufficientStorage LoopDetected NotExtended NetworkAuthenticationRequired

bot_protection_setting

object

good_bot_action

string

default: BLOCK

Allowed values: BLOCK REPORT IGNORE

malicious_bot_action

string

default: BLOCK

Allowed values: BLOCK REPORT IGNORE

suspicious_bot_action

string

default: BLOCK

Allowed values: BLOCK REPORT IGNORE

custom_anonymization

object

anonymization_config

AnonymizationConfiguration

List of HTTP headers, cookies and query parameters whose values will be masked

Required: YES.

Array<object>

<= 64 items

AnonymizationConfiguration

Configure anonymization for HTTP headers, parameters or cookies which may contain sensitive data.

object

cookie

object

cookie_name

cookie_name

Masks the cookie value. The setting does not mask the cookie name. Wildcard matching can be used by prefixing or suffixing the cookie name with a wildcard asterisk (*), or by using only an asterisk to match any cookie name. Required: YES.

string

<= 256 characters

http_header

object

header_name

header_name

Masks the HTTP header value. The setting does not mask the HTTP header name. Wildcard matching can be used by prefixing or suffixing the HTTP header name with a wildcard asterisk (*), or by using only an asterisk to match any HTTP header name. Required: YES.

string

<= 1024 characters

query_parameter

object

query_param_name

query_param_name

Masks the query parameter value. The setting does not mask the query parameter name. Wildcard matching can be used by prefixing or suffixing the query parameter name with a wildcard asterisk (*), or by using only an asterisk to match any query parameter name. Required: YES.

string

<= 256 characters

default_anonymization

object

default_bot_setting

object

default_detection_settings

object

detection_settings

object

bot_protection_setting

object

good_bot_action

string

default: BLOCK

Allowed values: BLOCK REPORT IGNORE

malicious_bot_action

string

default: BLOCK

Allowed values: BLOCK REPORT IGNORE

suspicious_bot_action

string

default: BLOCK

Allowed values: BLOCK REPORT IGNORE

default_bot_setting

object

default_violation_settings

object

disable_staging

object

disable_suppression

object

disable_threat_campaigns

object

enable_suppression

object

enable_threat_campaigns

object

signature_selection_setting

object

attack_type_settings

object

disabled_attack_types

Disabled Attack Types

List of Attack Types that will be ignored and not trigger a detection

Required: YES.

Array<string>

<= 22 items

Allowed values: ATTACK_TYPE_NONE ATTACK_TYPE_NON_BROWSER_CLIENT ATTACK_TYPE_OTHER_APPLICATION_ATTACKS ATTACK_TYPE_TROJAN_BACKDOOR_SPYWARE ATTACK_TYPE_DETECTION_EVASION ATTACK_TYPE_VULNERABILITY_SCAN ATTACK_TYPE_ABUSE_OF_FUNCTIONALITY ATTACK_TYPE_AUTHENTICATION_AUTHORIZATION_ATTACKS ATTACK_TYPE_BUFFER_OVERFLOW ATTACK_TYPE_PREDICTABLE_RESOURCE_LOCATION ATTACK_TYPE_INFORMATION_LEAKAGE ATTACK_TYPE_DIRECTORY_INDEXING ATTACK_TYPE_PATH_TRAVERSAL ATTACK_TYPE_XPATH_INJECTION ATTACK_TYPE_LDAP_INJECTION ATTACK_TYPE_SERVER_SIDE_CODE_INJECTION ATTACK_TYPE_COMMAND_EXECUTION ATTACK_TYPE_SQL_INJECTION ATTACK_TYPE_CROSS_SITE_SCRIPTING ATTACK_TYPE_DENIAL_OF_SERVICE ATTACK_TYPE_HTTP_PARSER_ATTACK ATTACK_TYPE_SESSION_HIJACKING ATTACK_TYPE_HTTP_RESPONSE_SPLITTING ATTACK_TYPE_FORCEFUL_BROWSING ATTACK_TYPE_REMOTE_FILE_INCLUDE ATTACK_TYPE_MALICIOUS_FILE_UPLOAD ATTACK_TYPE_GRAPHQL_PARSER_ATTACK

default_attack_type_settings

object

high_medium_accuracy_signatures

object

high_medium_low_accuracy_signatures

object

only_high_accuracy_signatures

object

stage_new_and_updated_signatures

object

staging_period

Staging Period

Define staging period in days. The default staging period is 7 days and the max supported staging period is 20 days. Required: YES.

integer format: int64

stage_new_signatures

object

staging_period

Staging Period

Define staging period in days. The default staging period is 7 days and the max supported staging period is 20 days. Required: YES.

integer format: int64

violation_settings

object

disabled_violation_types

Disabled Violations

List of violations to be excluded

Required: YES.

Array<string>

<= 40 items

Allowed values: VIOL_NONE VIOL_FILETYPE VIOL_METHOD VIOL_MANDATORY_HEADER VIOL_HTTP_RESPONSE_STATUS VIOL_REQUEST_MAX_LENGTH VIOL_FILE_UPLOAD VIOL_FILE_UPLOAD_IN_BODY VIOL_XML_MALFORMED VIOL_JSON_MALFORMED VIOL_ASM_COOKIE_MODIFIED VIOL_HTTP_PROTOCOL_MULTIPLE_HOST_HEADERS VIOL_HTTP_PROTOCOL_BAD_HOST_HEADER_VALUE VIOL_HTTP_PROTOCOL_UNPARSABLE_REQUEST_CONTENT VIOL_HTTP_PROTOCOL_NULL_IN_REQUEST VIOL_HTTP_PROTOCOL_BAD_HTTP_VERSION VIOL_HTTP_PROTOCOL_CRLF_CHARACTERS_BEFORE_REQUEST_START VIOL_HTTP_PROTOCOL_NO_HOST_HEADER_IN_HTTP_1_1_REQUEST VIOL_HTTP_PROTOCOL_BAD_MULTIPART_PARAMETERS_PARSING VIOL_HTTP_PROTOCOL_SEVERAL_CONTENT_LENGTH_HEADERS VIOL_HTTP_PROTOCOL_CONTENT_LENGTH_SHOULD_BE_A_POSITIVE_NUMBER VIOL_EVASION_DIRECTORY_TRAVERSALS VIOL_MALFORMED_REQUEST VIOL_EVASION_MULTIPLE_DECODING VIOL_DATA_GUARD VIOL_EVASION_APACHE_WHITESPACE VIOL_COOKIE_MODIFIED VIOL_EVASION_IIS_UNICODE_CODEPOINTS VIOL_EVASION_IIS_BACKSLASHES VIOL_EVASION_PERCENT_U_DECODING VIOL_EVASION_BARE_BYTE_DECODING VIOL_EVASION_BAD_UNESCAPE VIOL_HTTP_PROTOCOL_BAD_MULTIPART_FORMDATA_REQUEST_PARSING VIOL_HTTP_PROTOCOL_BODY_IN_GET_OR_HEAD_REQUEST VIOL_HTTP_PROTOCOL_HIGH_ASCII_CHARACTERS_IN_HEADERS VIOL_ENCODING VIOL_COOKIE_MALFORMED VIOL_GRAPHQL_FORMAT VIOL_GRAPHQL_MALFORMED VIOL_GRAPHQL_INTROSPECTION_QUERY

violations_view

Violations configuration settings for view only

List of violation checks that are performed on HTTP request to ensure the requests are properly formatted, detection of evasion techniques and other violations.

Required: YES.

Array<object>

Violation Config will be used by UI for view only

Custom configuration for a violation.

object

description

description

Human-readable description text

string

>= 21 characters <= 1024 characters

enabled

user customised state

Enable or disable the feature

boolean format: boolean

enabled_by_default

enabled_by_default

Violations that are enabled by default by F5 are advisable to leave enabled.

string

<= 1024 characters

name

code

Human-readable name for the resource

string

>= 6 characters <= 1024 characters

title

name

Human-readable title for the resource

string

>= 6 characters <= 1024 characters

disable_ai_enhancements

object

disable_anonymization

object

enable_ai_enhancements

object

mitigate_high_medium_risk_action

object

mitigate_high_risk_action

object

monitoring

object

use_default_blocking_page

object

Responses

200

A successful response.

Media typeapplication/json

object

Example^generated

{}

401

Returned when operation is not authorized.

Media typeapplication/json

string format: string

Example^generated

example

403

Returned when there is no permission to access resource.

Media typeapplication/json

string format: string

Example^generated

example

404

Returned when resource is not found.

Media typeapplication/json

string format: string

Example^generated

example

409

Returned when operation on resource is conflicting with current value.

Media typeapplication/json

string format: string

Example^generated

example

429

Returned when operation has been rejected as it is happening too frequently.

Media typeapplication/json

string format: string

Example^generated

example

500

Returned when server encountered an error in processing API.

Media typeapplication/json

string format: string

Example^generated

example

503

Returned when service is unavailable temporarily.

Media typeapplication/json

string format: string

Example^generated

example

504

Returned when server timed out processing request.

Media typeapplication/json

string format: string

Example^generated

example