Akamai · Example Payload
Akamai Patch Waf Policy Ruleset Composite Example
CDNCloudEdge ComputingNetworksPlatformSecurity
Akamai Patch Waf Policy Ruleset Composite Example is an example object payload from Akamai, with 6 top-level fields. It illustrates the shape of data this provider's APIs accept or return.
Top-level fields
operationIdmethodpathsummaryrequestExamplesresponseExamples
Example Payload
{
"operationId": "patch-waf-policy-ruleset-composite",
"method": "PATCH",
"path": "/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/web-application-firewall/ruleset",
"summary": "Modify a security policy's rule set",
"requestExamples": [
{
"contentType": "application/json",
"example": {
"attackGroups": [
{
"action": "alert",
"group": "POLICY"
},
{
"action": "alert",
"conditionException": {},
"group": "WAT"
},
{
"action": "deny",
"conditionException": {
"advancedExceptions": {
"conditionOperator": "AND",
"conditions": [
{
"extensions": [
"test12"
],
"positiveMatch": true,
"type": "extensionMatch"
},
{
"filenames": [
"test13"
],
"positiveMatch": true,
"type": "filenameMatch"
},
{
"hosts": [
"test.hostname.com"
],
"positiveMatch": true,
"type": "hostMatch"
},
{
"ips": [
"192.0.2.5"
],
"positiveMatch": true,
"type": "ipMatch",
"useHeaders": true
},
{
"caseSensitive": true,
"name": "test14",
"nameCase": true,
"positiveMatch": true,
"type": "uriQueryMatch",
"value": "test15",
"wildcard": true
},
{
"header": "Accept",
"positiveMatch": true,
"type": "requestHeaderMatch",
"value": "test16",
"valueCase": true,
"valueWildcard": true
},
{
"methods": [
"GET"
],
"positiveMatch": true,
"type": "requestMethodMatch"
},
{
"paths": [
"/test16"
],
"positiveMatch": true,
"type": "pathMatch"
},
{
"clientLists": [
"97813_IPLIST"
],
"positiveMatch": true,
"type": "clientListMatch",
"useHeaders": true
}
],
"headerCookieOrParamValues": [
{
"valueWildcard": true,
"values": [
"test11"
]
}
],
"specificHeaderCookieParamXmlOrJsonNames": [
{
"names": [
"test3"
],
"selector": "REQUEST_HEADERS_NAMES",
"wildcard": true
},
{
"names": [
"test4"
],
"selector": "REQUEST_HEADERS",
"wildcard": true
},
{
"names": [
"test5"
],
"selector": "REQUEST_COOKIES_NAMES",
"wildcard": true
},
{
"names": [
"test6"
],
"selector": "REQUEST_COOKIES",
"wildcard": true
},
{
"names": [
"test1"
],
"selector": "ARGS_NAMES",
"wildcard": true
},
{
"names": [
"test2"
],
"selector": "ARGS",
"wildcard": true
},
{
"names": [
"test7"
],
"selector": "JSON_NAMES",
"wildcard": true
},
{
"names": [
"test8"
],
"selector": "JSON_PAIRS",
"wildcard": true
},
{
"names": [
"test9"
],
"selector": "XML_PAIRS",
"wildcard": true
},
{
"selector": "REQUEST_PROTOCOL",
"wildcard": true
},
{
"selector": "REQUEST_METHOD",
"wildcard": true
},
{
"selector": "REQUEST_URI",
"wildcard": true
},
{
"selector": "QUERY_STRING",
"wildcard": true
},
{
"selector": "REQUEST_FILENAME",
"wildcard": true
},
{
"selector": "REQUEST_PATH_SEGMENT",
"wildcard": true
},
{
"selector": "REQUEST_BODY",
"wildcard": true
},
{
"selector": "REQBODY_PROCESSOR_ERROR",
"wildcard": true
},
{
"selector": "FILES_NAMES",
"wildcard": true
}
]
}
},
"group": "PROTOCOL"
},
{
"action": "alert",
"conditionException": {},
"group": "SQL"
}
],
"rules": [
{
"action": "alert",
"conditionException": {
"advancedExceptions": {
"conditionOperator": "AND",
"conditions": [
{
"extensions": [
"test12"
],
"positiveMatch": true,
"type": "extensionMatch"
},
{
"filenames": [
"test13"
],
"positiveMatch": true,
"type": "filenameMatch"
},
{
"hosts": [
"test.hostname.com"
],
"positiveMatch": true,
"type": "hostMatch"
},
{
"ips": [
"192.0.2.120"
],
"positiveMatch": true,
"type": "ipMatch",
"useHeaders": true
},
{
"caseSensitive": true,
"name": "test14",
"nameCase": true,
"positiveMatch": true,
"type": "uriQueryMatch",
"value": "test15",
"wildcard": true
},
{
"header": "Accept",
"positiveMatch": true,
"type": "requestHeaderMatch",
"value": "test16",
"valueCase": true,
"valueWildcard": true
},
{
"methods": [
"GET"
],
"positiveMatch": true,
"type": "requestMethodMatch"
},
{
"paths": [
"/test16"
],
"positiveMatch": true,
"type": "pathMatch"
},
{
"clientLists": [
"97813_IPLIST"
],
"positiveMatch": true,
"type": "clientListMatch",
"useHeaders": true
}
],
"headerCookieOrParamValues": [
{
"valueWildcard": true,
"values": [
"test11"
]
}
],
"specificHeaderCookieParamXmlOrJsonNames": [
{
"names": [
"test3"
],
"selector": "REQUEST_HEADERS_NAMES",
"wildcard": true
},
{
"names": [
"test4"
],
"selector": "REQUEST_HEADERS",
"wildcard": true
},
{
"names": [
"test5"
],
"selector": "REQUEST_COOKIES_NAMES",
"wildcard": true
},
{
"names": [
"test6"
],
"selector": "REQUEST_COOKIES",
"wildcard": true
},
{
"names": [
"test1"
],
"selector": "ARGS_NAMES",
"wildcard": true
},
{
"names": [
"test2"
],
"selector": "ARGS",
"wildcard": true
},
{
"names": [
"test7"
],
"selector": "JSON_NAMES",
"wildcard": true
},
{
"names": [
"test8"
],
"selector": "JSON_PAIRS",
"wildcard": true
},
{
"names": [
"test9"
],
"selector": "XML_PAIRS",
"wildcard": true
},
{
"selector": "REQUEST_PROTOCOL",
"wildcard": true
},
{
"selector": "REQUEST_METHOD",
"wildcard": true
},
{
"selector": "REQUEST_URI",
"wildcard": true
},
{
"selector": "QUERY_STRING",
"wildcard": true
},
{
"selector": "REQUEST_FILENAME",
"wildcard": true
},
{
"selector": "REQUEST_PATH_SEGMENT",
"wildcard": true
},
{
"selector": "REQUEST_BODY",
"wildcard": true
},
{
"selector": "REQBODY_PROCESSOR_ERROR",
"wildcard": true
},
{
"selector": "FILES_NAMES",
"wildcard": true
}
]
}
},
"ruleId": 950002
},
{
"action": "alert",
"ruleId": 950006
},
{
"action": "alert",
"conditionException": {},
"ruleId": 950007
}
]
}
}
],
"responseExamples": [
{
"status": "200",
"contentType": "application/json",
"example": {
"adaptiveIntelligence": {
"threatIntelEnabled": true
},
"attackGroups": [
{
"action": "alert",
"conditionException": {},
"group": "POLICY"
},
{
"action": "alert",
"conditionException": {},
"group": "WAT"
},
{
"action": "deny",
"conditionException": {
"advancedExceptions": {
"conditionOperator": "AND",
"conditions": [
{
"extensions": [
"test12"
],
"positiveMatch": true,
"type": "extensionMatch"
},
{
"filenames": [
"test13"
],
"positiveMatch": true,
"type": "filenameMatch"
},
{
"hosts": [
"test.hostname.com"
],
"positiveMatch": true,
"type": "hostMatch"
},
{
"ips": [
"192.0.2.225"
],
"positiveMatch": true,
"type": "ipMatch",
"useHeaders": true
},
{
"caseSensitive": true,
"name": "test14",
"nameCase": true,
"positiveMatch": true,
"type": "uriQueryMatch",
"value": "test15",
"wildcard": true
},
{
"header": "Accept",
"positiveMatch": true,
"type": "requestHeaderMatch",
"value": "test16",
"valueCase": true,
"valueWildcard": true
},
{
"methods": [
"GET"
],
"positiveMatch": true,
"type": "requestMethodMatch"
},
{
"paths": [
"/test16"
],
"positiveMatch": true,
"type": "pathMatch"
},
{
"clientLists": [
"97813_IPLIST"
],
"positiveMatch": true,
"type": "clientListMatch",
"useHeaders": true
}
],
"headerCookieOrParamValues": [
{
"valueWildcard": true,
"values": [
"test11"
]
}
],
"specificHeaderCookieParamXmlOrJsonNames": [
{
"names": [
"test3"
],
"selector": "REQUEST_HEADERS_NAMES",
"wildcard": true
},
{
"names": [
"test4"
],
"selector": "REQUEST_HEADERS",
"wildcard": true
},
{
"names": [
"test5"
],
"selector": "REQUEST_COOKIES_NAMES",
"wildcard": true
},
{
"names": [
"test6"
],
"selector": "REQUEST_COOKIES",
"wildcard": true
},
{
"names": [
"test1"
],
"selector": "ARGS_NAMES",
"wildcard": true
},
{
"names": [
"test2"
],
"selector": "ARGS",
"wildcard": true
},
{
"names": [
"test7"
],
"selector": "JSON_NAMES",
"wildcard": true
},
{
"names": [
"test8"
],
"selector": "JSON_PAIRS",
"wildcard": true
},
{
"names": [
"test9"
],
"selector": "XML_PAIRS",
"wildcard": true
},
{
"selector": "REQUEST_PROTOCOL",
"wildcard": true
},
{
"selector": "REQUEST_METHOD",
"wildcard": true
},
{
"selector": "REQUEST_URI",
"wildcard": true
},
{
"selector": "QUERY_STRING",
"wildcard": true
},
{
"selector": "REQUEST_FILENAME",
"wildcard": true
},
{
"selector": "REQUEST_PATH_SEGMENT",
"wildcard": true
},
{
"selector": "REQUEST_BODY",
"wildcard": true
},
{
"selector": "REQBODY_PROCESSOR_ERROR",
"wildcard": true
},
{
"selector": "FILES_NAMES",
"wildcard": true
}
]
}
},
"group": "PROTOCOL"
},
{
"action": "alert",
"conditionException": {},
"group": "SQL"
},
{
"action": "alert",
"conditionException": {},
"group": "XSS"
},
{
"action": "alert",
"conditionException": {},
"group": "LFI"
},
{
"action": "alert",
"conditionException": {},
"group": "RFI"
},
{
"action": "alert",
"conditionException": {},
"group": "PLATFORM"
},
{
"action": "none",
"conditionException": {},
"group": "OUTBOUND"
},
{
"action": "none",
"conditionException": {},
"group": "CMD"
}
],
"ruleSetInfo": {
"ruleSetVersion": 1
},
"rules": [
{
"action": "alert",
"conditionException": {
"advancedExceptions": {
"conditionOperator": "AND",
"conditions": [
{
"extensions": [
"test12"
],
"positiveMatch": true,
"type": "extensionMatch"
},
{
"filenames": [
"test13"
],
"positiveMatch": true,
"type": "filenameMatch"
},
{
"hosts": [
"test.hostname.com"
],
"positiveMatch": true,
"type": "hostMatch"
},
{
"ips": [
"192.0.2.242"
],
"positiveMatch": true,
"type": "ipMatch",
"useHeaders": true
},
{
"caseSensitive": true,
"name": "test14",
"nameCase": true,
"positiveMatch": true,
"type": "uriQueryMatch",
"value": "test15",
"wildcard": true
},
{
"header": "Accept",
"positiveMatch": true,
"type": "requestHeaderMatch",
"value": "test16",
"valueCase": true,
"valueWildcard": true
},
{
"methods": [
"GET"
],
"positiveMatch": true,
"type": "requestMethodMatch"
},
{
"paths": [
"/test16"
],
"positiveMatch": true,
"type": "pathMatch"
},
{
"clientLists": [
"97813_IPLIST"
],
"positiveMatch": true,
"type": "clientListMatch",
"useHeaders": true
}
],
"headerCookieOrParamValues": [
{
"valueWildcard": true,
"values": [
"test11"
]
}
],
"specificHeaderCookieParamXmlOrJsonNames": [
{
"names": [
"test3"
],
"selector": "REQUEST_HEADERS_NAMES",
"wildcard": true
},
{
"names": [
"test4"
],
"selector": "REQUEST_HEADERS",
"wildcard": true
},
{
"names": [
"test5"
],
"selector": "REQUEST_COOKIES_NAMES",
"wildcard": true
},
{
"names": [
"test6"
],
"selector": "REQUEST_COOKIES",
"wildcard": true
},
{
"names": [
"test1"
],
"selector": "ARGS_NAMES",
"wildcard": true
},
{
"names": [
"test2"
],
"selector": "ARGS",
"wildcard": true
},
{
"names": [
"test7"
],
"selector": "JSON_NAMES",
"wildcard": true
},
{
"names": [
"test8"
],
"selector": "JSON_PAIRS",
"wildcard": true
},
{
"names": [
"test9"
],
"selector": "XML_PAIRS",
"wildcard": true
},
{
"selector": "REQUEST_PROTOCOL",
"wildcard": true
},
{
"selector": "REQUEST_METHOD",
"wildcard": true
},
{
"selector": "REQUEST_URI",
"wildcard": true
},
{
"selector": "QUERY_STRING",
"wildcard": true
},
{
"selector": "REQUEST_FILENAME",
"wildcard": true
},
{
"selector": "REQUEST_PATH_SEGMENT",
"wildcard": true
},
{
"selector": "REQUEST_BODY",
"wildcard": true
},
{
"selector": "REQBODY_PROCESSOR_ERROR",
"wildcard": true
},
{
"selector": "FILES_NAMES",
"wildcard": true
}
]
}
},
"ruleId": 950002,
"ruleName": "CMD Injection Attack Detected (OS Commands 4)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 950006,
"ruleName": "CMD Injection Attack Detected (OS Commands 5)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 950007,
"ruleName": "SQL Injection Attack (Blind Testing)"
},
{
"action": "none",
"conditionException": {},
"ruleId": 950011,
"ruleName": "Server-Side Include (SSI) Attack"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 950118,
"ruleName": "Remote File Inclusion Attack (Common PHP RFI Attacks)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 950203,
"ruleName": "Local File Inclusion (LFI) Attack (Directory Traversal and Obfuscation Attempts)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 950204,
"ruleName": "Local File Inclusion (LFI) Attack (Directory Traversal and Obfuscation Attempts)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 950216,
"ruleName": "Unicode Full/Half Width Abuse Attack Attempt"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 950220,
"ruleName": "Possible URL Redirector Abuse (Off-Domain URL)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 950902,
"ruleName": "SQL Injection Attack (Tautology Probes 1)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 951910,
"ruleName": "HTTP Response Splitting Attack (Header Injection)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 958003,
"ruleName": "Cross-site Scripting (XSS) Attack (Fromcharcode Detected)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 958008,
"ruleName": "Cross-site Scripting (XSS) Attack (HTML INPUT IMAGE Tag)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 958023,
"ruleName": "Cross-site Scripting (XSS) Attack (Javascript URL Protocol Handler with \"lowsrc\" Attribute)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 958034,
"ruleName": "Cross-site Scripting (XSS) Attack (Style Attribute with 'expression' Keyword)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 958051,
"ruleName": "Cross-site Scripting (XSS) Attack (Script Tag)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000065,
"ruleName": "Apache Struts Remote Command Execution (Deserialization Attack)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000072,
"ruleName": "Deserialization Attack Detected"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000080,
"ruleName": "Cross-site Scripting (XSS) Attack (Attribute Injection 1)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000081,
"ruleName": "Cross-site Scripting (XSS) Attack (Attribute Injection 2)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000100,
"ruleName": "SQL Injection Attack (SmartDetect)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000101,
"ruleName": "SQL Injection Attack (Common SQL Database Probes)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000102,
"ruleName": "SQL Injection Attack (Null Byte Detected)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000103,
"ruleName": "SQL Injection Attack (NoSQL Injection)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000104,
"ruleName": "SQL Injection Attack (NoSQL Injection)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000105,
"ruleName": "NOSQL Operator Injection Detected"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000108,
"ruleName": "Pandora / DirtJumper DDoS Detection - HTTP GET Attacks"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000109,
"ruleName": "Ruby on Rails YAML Injection Attack"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000110,
"ruleName": "Cross-site Scripting (XSS) Attack (SmartDetect)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000111,
"ruleName": "Cross-site Scripting (XSS) Attack (Common PoC Probes 1)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000112,
"ruleName": "Cross-site Scripting (XSS) Attack (Common PoC Probes 2)"
},
{
"action": "alert",
"conditionException": {},
"ruleId": 3000113,
"ruleName": "Cross-site Scripting (XSS) Attack (Javascript Mixed Case Obfuscation)"
},
{
"action": "none",
"conditionException": {},
"ruleId": 99999900,
"ruleName": "DDoSia Toolkit DETECTED"
}
]
}
},
{
"status": "400",
"contentType": "application/json",
"example": {
"detail": "The request could not be understood by the server due to malformed syntax.",
"instance": "https://problems.luna.akamaiapis.net/appsec/error-instances/d54686b5-21cb-4ab7-a8d6-a92282cf1749",
"status": 400,
"title":
# --- truncated at 32 KB (32 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/akamai/refs/heads/main/examples/akamai-patch-waf-policy-ruleset-composite-example.json