Skip to content
API Enriched

Suggest DDoS Mitigation rule.

POST
/api/config/namespaces/{namespace}/http_loadbalancers/{name}/ddos_mitigation/suggestion
curl --request POST \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/config/namespaces/example/http_loadbalancers/example/ddos_mitigation/suggestion \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "asn_list": { "as_numbers": [ 1 ] }, "country_list": [ "COUNTRY_NONE" ], "ip_prefix_list": { "invert_match": true, "ip_prefixes": [ "example" ] }, "ja4_tls_fingerprint_matcher": { "exact_values": [ "example" ] }, "name": "example", "namespace": "example", "tls_fingerprint_matcher": { "classes": [ "TLS_FINGERPRINT_NONE" ], "exact_values": [ "example" ], "excluded_values": [ "example" ] } }'

Suggest DDoSMitigatonRule to mitigate a given IP/ASN/Region/TLS.

Examples of this operation.

Authorizations

Section titled “Authorizations”

Parameters

Section titled “Parameters”

Path Parameters

Section titled “Path Parameters”
namespace
required
string

Namespace Namespace of the App type for current request.

name
required
string

Name load balancer for which this WAF exclusion will be applied.

Request Bodyrequired

Section titled “Request Bodyrequired”
Media typeapplication/json
GetSuggestedDDoSMitigtionRuleReq

GET suggested blocking DDoSMitigtionRule for a given IP/ASN/Country/TLS.

object
asn_list
object
as_numbers
as numbers

An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer. Required: YES.

Array<integer>
>= 1 items <= 16 items
country_list
country_list

Sources that are located in one of the countries in the given list.

Array<string>
<= 64 items
Allowed values: COUNTRY_NONE COUNTRY_AD COUNTRY_AE COUNTRY_AF COUNTRY_AG COUNTRY_AI COUNTRY_AL COUNTRY_AM COUNTRY_AN COUNTRY_AO COUNTRY_AQ COUNTRY_AR COUNTRY_AS COUNTRY_AT COUNTRY_AU COUNTRY_AW COUNTRY_AX COUNTRY_AZ COUNTRY_BA COUNTRY_BB COUNTRY_BD COUNTRY_BE COUNTRY_BF COUNTRY_BG COUNTRY_BH COUNTRY_BI COUNTRY_BJ COUNTRY_BL COUNTRY_BM COUNTRY_BN COUNTRY_BO COUNTRY_BQ COUNTRY_BR COUNTRY_BS COUNTRY_BT COUNTRY_BV COUNTRY_BW COUNTRY_BY COUNTRY_BZ COUNTRY_CA COUNTRY_CC COUNTRY_CD COUNTRY_CF COUNTRY_CG COUNTRY_CH COUNTRY_CI COUNTRY_CK COUNTRY_CL COUNTRY_CM COUNTRY_CN COUNTRY_CO COUNTRY_CR COUNTRY_CS COUNTRY_CU COUNTRY_CV COUNTRY_CW COUNTRY_CX COUNTRY_CY COUNTRY_CZ COUNTRY_DE COUNTRY_DJ COUNTRY_DK COUNTRY_DM COUNTRY_DO COUNTRY_DZ COUNTRY_EC COUNTRY_EE COUNTRY_EG COUNTRY_EH COUNTRY_ER COUNTRY_ES COUNTRY_ET COUNTRY_FI COUNTRY_FJ COUNTRY_FK COUNTRY_FM COUNTRY_FO COUNTRY_FR COUNTRY_GA COUNTRY_GB COUNTRY_GD COUNTRY_GE COUNTRY_GF COUNTRY_GG COUNTRY_GH COUNTRY_GI COUNTRY_GL COUNTRY_GM COUNTRY_GN COUNTRY_GP COUNTRY_GQ COUNTRY_GR COUNTRY_GS COUNTRY_GT COUNTRY_GU COUNTRY_GW COUNTRY_GY COUNTRY_HK COUNTRY_HM COUNTRY_HN COUNTRY_HR COUNTRY_HT COUNTRY_HU COUNTRY_ID COUNTRY_IE COUNTRY_IL COUNTRY_IM COUNTRY_IN COUNTRY_IO COUNTRY_IQ COUNTRY_IR COUNTRY_IS COUNTRY_IT COUNTRY_JE COUNTRY_JM COUNTRY_JO COUNTRY_JP COUNTRY_KE COUNTRY_KG COUNTRY_KH COUNTRY_KI COUNTRY_KM COUNTRY_KN COUNTRY_KP COUNTRY_KR COUNTRY_KW COUNTRY_KY COUNTRY_KZ COUNTRY_LA COUNTRY_LB COUNTRY_LC COUNTRY_LI COUNTRY_LK COUNTRY_LR COUNTRY_LS COUNTRY_LT COUNTRY_LU COUNTRY_LV COUNTRY_LY COUNTRY_MA COUNTRY_MC COUNTRY_MD COUNTRY_ME COUNTRY_MF COUNTRY_MG COUNTRY_MH COUNTRY_MK COUNTRY_ML COUNTRY_MM COUNTRY_MN COUNTRY_MO COUNTRY_MP COUNTRY_MQ COUNTRY_MR COUNTRY_MS COUNTRY_MT COUNTRY_MU COUNTRY_MV COUNTRY_MW COUNTRY_MX COUNTRY_MY COUNTRY_MZ COUNTRY_NA COUNTRY_NC COUNTRY_NE COUNTRY_NF COUNTRY_NG COUNTRY_NI COUNTRY_NL COUNTRY_NO COUNTRY_NP COUNTRY_NR COUNTRY_NU COUNTRY_NZ COUNTRY_OM COUNTRY_PA COUNTRY_PE COUNTRY_PF COUNTRY_PG COUNTRY_PH COUNTRY_PK COUNTRY_PL COUNTRY_PM COUNTRY_PN COUNTRY_PR COUNTRY_PS COUNTRY_PT COUNTRY_PW COUNTRY_PY COUNTRY_QA COUNTRY_RE COUNTRY_RO COUNTRY_RS COUNTRY_RU COUNTRY_RW COUNTRY_SA COUNTRY_SB COUNTRY_SC COUNTRY_SD COUNTRY_SE COUNTRY_SG COUNTRY_SH COUNTRY_SI COUNTRY_SJ COUNTRY_SK COUNTRY_SL COUNTRY_SM COUNTRY_SN COUNTRY_SO COUNTRY_SR COUNTRY_SS COUNTRY_ST COUNTRY_SV COUNTRY_SX COUNTRY_SY COUNTRY_SZ COUNTRY_TC COUNTRY_TD COUNTRY_TF COUNTRY_TG COUNTRY_TH COUNTRY_TJ COUNTRY_TK COUNTRY_TL COUNTRY_TM COUNTRY_TN COUNTRY_TO COUNTRY_TR COUNTRY_TT COUNTRY_TV COUNTRY_TW COUNTRY_TZ COUNTRY_UA COUNTRY_UG COUNTRY_UM COUNTRY_US COUNTRY_UY COUNTRY_UZ COUNTRY_VA COUNTRY_VC COUNTRY_VE COUNTRY_VG COUNTRY_VI COUNTRY_VN COUNTRY_VU COUNTRY_WF COUNTRY_WS COUNTRY_XK COUNTRY_XT COUNTRY_YE COUNTRY_YT COUNTRY_ZA COUNTRY_ZM COUNTRY_ZW
ip_prefix_list
object
invert_match
invert_matcher

Invert the match result.

boolean format: boolean
ip_prefixes
ip prefixes

List of IPv4 prefix strings.

Array<string>
<= 128 items
ja4_tls_fingerprint_matcher
object
exact_values
exact values

A list of exact JA4 TLS fingerprint to match the input JA4 TLS fingerprint against.

Array<string>
<= 16 items
name
Name

Load balancer for which this WAF exclusion will be applied.

string
>= 6 characters <= 1024 characters
namespace
Namespace

Namespace of the App type for current request.

string
>= 6 characters <= 1024 characters
tls_fingerprint_matcher
object
classes
classes

A list of known classes of TLS fingerprints to match the input TLS JA3 fingerprint against.

Array<string>
<= 16 items
Allowed values: TLS_FINGERPRINT_NONE ANY_MALICIOUS_FINGERPRINT ADWARE ADWIND DRIDEX GOOTKIT GOZI JBIFROST QUAKBOT RANSOMWARE TROLDESH TOFSEE TORRENTLOCKER TRICKBOT
exact_values
exact values

A list of exact TLS JA3 fingerprints to match the input TLS JA3 fingerprint against.

Array<string>
<= 16 items
excluded_values
excluded values

A list of TLS JA3 fingerprints to be excluded when matching the input TLS JA3 fingerprint. This can be used to skip known false positives when using one or more known TLS fingerprint classes in the enclosing matcher.

Array<string>
<= 32 items

Responses

Section titled “Responses”

200

Section titled “200”

A successful response.

Media typeapplication/json
GetSuggestedDDoSMitigtionRuleRsp

GET suggested DDoS Mitigtion Rule for a given IP/ASN/Country/TLS.

object
found_existing_mitigation_rule
object
mitigation_rule
object
block
object
ddos_client_source
object
asn_list
object
as_numbers
as numbers

An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer. Required: YES.

Array<integer>
>= 1 items <= 16 items
country_list
country_list

Sources that are located in one of the countries in the given list.

Array<string>
<= 64 items
Allowed values: COUNTRY_NONE COUNTRY_AD COUNTRY_AE COUNTRY_AF COUNTRY_AG COUNTRY_AI COUNTRY_AL COUNTRY_AM COUNTRY_AN COUNTRY_AO COUNTRY_AQ COUNTRY_AR COUNTRY_AS COUNTRY_AT COUNTRY_AU COUNTRY_AW COUNTRY_AX COUNTRY_AZ COUNTRY_BA COUNTRY_BB COUNTRY_BD COUNTRY_BE COUNTRY_BF COUNTRY_BG COUNTRY_BH COUNTRY_BI COUNTRY_BJ COUNTRY_BL COUNTRY_BM COUNTRY_BN COUNTRY_BO COUNTRY_BQ COUNTRY_BR COUNTRY_BS COUNTRY_BT COUNTRY_BV COUNTRY_BW COUNTRY_BY COUNTRY_BZ COUNTRY_CA COUNTRY_CC COUNTRY_CD COUNTRY_CF COUNTRY_CG COUNTRY_CH COUNTRY_CI COUNTRY_CK COUNTRY_CL COUNTRY_CM COUNTRY_CN COUNTRY_CO COUNTRY_CR COUNTRY_CS COUNTRY_CU COUNTRY_CV COUNTRY_CW COUNTRY_CX COUNTRY_CY COUNTRY_CZ COUNTRY_DE COUNTRY_DJ COUNTRY_DK COUNTRY_DM COUNTRY_DO COUNTRY_DZ COUNTRY_EC COUNTRY_EE COUNTRY_EG COUNTRY_EH COUNTRY_ER COUNTRY_ES COUNTRY_ET COUNTRY_FI COUNTRY_FJ COUNTRY_FK COUNTRY_FM COUNTRY_FO COUNTRY_FR COUNTRY_GA COUNTRY_GB COUNTRY_GD COUNTRY_GE COUNTRY_GF COUNTRY_GG COUNTRY_GH COUNTRY_GI COUNTRY_GL COUNTRY_GM COUNTRY_GN COUNTRY_GP COUNTRY_GQ COUNTRY_GR COUNTRY_GS COUNTRY_GT COUNTRY_GU COUNTRY_GW COUNTRY_GY COUNTRY_HK COUNTRY_HM COUNTRY_HN COUNTRY_HR COUNTRY_HT COUNTRY_HU COUNTRY_ID COUNTRY_IE COUNTRY_IL COUNTRY_IM COUNTRY_IN COUNTRY_IO COUNTRY_IQ COUNTRY_IR COUNTRY_IS COUNTRY_IT COUNTRY_JE COUNTRY_JM COUNTRY_JO COUNTRY_JP COUNTRY_KE COUNTRY_KG COUNTRY_KH COUNTRY_KI COUNTRY_KM COUNTRY_KN COUNTRY_KP COUNTRY_KR COUNTRY_KW COUNTRY_KY COUNTRY_KZ COUNTRY_LA COUNTRY_LB COUNTRY_LC COUNTRY_LI COUNTRY_LK COUNTRY_LR COUNTRY_LS COUNTRY_LT COUNTRY_LU COUNTRY_LV COUNTRY_LY COUNTRY_MA COUNTRY_MC COUNTRY_MD COUNTRY_ME COUNTRY_MF COUNTRY_MG COUNTRY_MH COUNTRY_MK COUNTRY_ML COUNTRY_MM COUNTRY_MN COUNTRY_MO COUNTRY_MP COUNTRY_MQ COUNTRY_MR COUNTRY_MS COUNTRY_MT COUNTRY_MU COUNTRY_MV COUNTRY_MW COUNTRY_MX COUNTRY_MY COUNTRY_MZ COUNTRY_NA COUNTRY_NC COUNTRY_NE COUNTRY_NF COUNTRY_NG COUNTRY_NI COUNTRY_NL COUNTRY_NO COUNTRY_NP COUNTRY_NR COUNTRY_NU COUNTRY_NZ COUNTRY_OM COUNTRY_PA COUNTRY_PE COUNTRY_PF COUNTRY_PG COUNTRY_PH COUNTRY_PK COUNTRY_PL COUNTRY_PM COUNTRY_PN COUNTRY_PR COUNTRY_PS COUNTRY_PT COUNTRY_PW COUNTRY_PY COUNTRY_QA COUNTRY_RE COUNTRY_RO COUNTRY_RS COUNTRY_RU COUNTRY_RW COUNTRY_SA COUNTRY_SB COUNTRY_SC COUNTRY_SD COUNTRY_SE COUNTRY_SG COUNTRY_SH COUNTRY_SI COUNTRY_SJ COUNTRY_SK COUNTRY_SL COUNTRY_SM COUNTRY_SN COUNTRY_SO COUNTRY_SR COUNTRY_SS COUNTRY_ST COUNTRY_SV COUNTRY_SX COUNTRY_SY COUNTRY_SZ COUNTRY_TC COUNTRY_TD COUNTRY_TF COUNTRY_TG COUNTRY_TH COUNTRY_TJ COUNTRY_TK COUNTRY_TL COUNTRY_TM COUNTRY_TN COUNTRY_TO COUNTRY_TR COUNTRY_TT COUNTRY_TV COUNTRY_TW COUNTRY_TZ COUNTRY_UA COUNTRY_UG COUNTRY_UM COUNTRY_US COUNTRY_UY COUNTRY_UZ COUNTRY_VA COUNTRY_VC COUNTRY_VE COUNTRY_VG COUNTRY_VI COUNTRY_VN COUNTRY_VU COUNTRY_WF COUNTRY_WS COUNTRY_XK COUNTRY_XT COUNTRY_YE COUNTRY_YT COUNTRY_ZA COUNTRY_ZM COUNTRY_ZW
ja4_tls_fingerprint_matcher
object
exact_values
exact values

A list of exact JA4 TLS fingerprint to match the input JA4 TLS fingerprint against.

Array<string>
<= 16 items
tls_fingerprint_matcher
object
classes
classes

A list of known classes of TLS fingerprints to match the input TLS JA3 fingerprint against.

Array<string>
<= 16 items
Allowed values: TLS_FINGERPRINT_NONE ANY_MALICIOUS_FINGERPRINT ADWARE ADWIND DRIDEX GOOTKIT GOZI JBIFROST QUAKBOT RANSOMWARE TROLDESH TOFSEE TORRENTLOCKER TRICKBOT
exact_values
exact values

A list of exact TLS JA3 fingerprints to match the input TLS JA3 fingerprint against.

Array<string>
<= 16 items
excluded_values
excluded values

A list of TLS JA3 fingerprints to be excluded when matching the input TLS JA3 fingerprint. This can be used to skip known false positives when using one or more known TLS fingerprint classes in the enclosing matcher.

Array<string>
<= 32 items
expiration_timestamp
expiration timestamp

The expiration_timestamp is the RFC 3339 format timestamp at which the containing rule is considered to be logically expired. The rule continues to exist in the configuration but is not applied anymore.

string format: date-time
<= 1024 characters
ip_prefix_list
object
invert_match
invert_matcher

Invert the match result.

boolean format: boolean
ip_prefixes
ip prefixes

List of IPv4 prefix strings.

Array<string>
<= 128 items
metadata
object
description
description

Human readable description.

string
>= 21 characters <= 256 characters
name
name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string
>= 1 characters <= 1024 characters
mitigation_rule_name
Name

HTTP load balancer for which this DDoS Mitigation Rule will be applied.

string
<= 1024 characters
Example
{
  "mitigation_rule": {
    "ddos_client_source": {
      "country_list": [
        "COUNTRY_NONE"
      ],
      "tls_fingerprint_matcher": {
        "classes": [
          "TLS_FINGERPRINT_NONE"
        ]
      }
    }
  }
}

401

Section titled “401”

Returned when operation is not authorized.

Media typeapplication/json
string format: string
Examplegenerated
example

403

Section titled “403”

Returned when there is no permission to access resource.

Media typeapplication/json
string format: string
Examplegenerated
example

404

Section titled “404”

Returned when resource is not found.

Media typeapplication/json
string format: string
Examplegenerated
example

409

Section titled “409”

Returned when operation on resource is conflicting with current value.

Media typeapplication/json
string format: string
Examplegenerated
example

429

Section titled “429”

Returned when operation has been rejected as it is happening too frequently.

Media typeapplication/json
string format: string
Examplegenerated
example

500

Section titled “500”

Returned when server encountered an error in processing API.

Media typeapplication/json
string format: string
Examplegenerated
example

503

Section titled “503”

Returned when service is unavailable temporarily.

Media typeapplication/json
string format: string
Examplegenerated
example

504

Section titled “504”

Returned when server timed out processing request.

Media typeapplication/json
string format: string
Examplegenerated
example