.. _waf_template_brute_force_protection:

waf template brute-force-protection
===================================

Protect brute force attacks


brute-force-protection Specification
------------------------------------

	===================================== ===================================================================================
	 **Parameter**                         **Value** 

	===================================== ===================================================================================
	 **Type**                              *Configuration Resource*

	 **Element Name**                      brute-force-protection

	 **Element URI**                       /axapi/v3/waf/template/{name}/brute-force-protection

	 **Element Attributes**                brute-force-protection_attributes

	 **Partition Visibility**              shared

	 **Schema**                             :download:`brute-force-protection schema <waf-template-brute-force-protection/waf-template-brute-force-protection.txt>`
	===================================== ===================================================================================





	**Operations Allowed:**




.. raw:: html

   <script type="text/javascript">
 function showExample(a,b) { document.getElementById(a+'_div').style.display = 'block'; document.getElementById(a+'_cl').style.display = 'block'; document.getElementById(a+'_eg').style.display = 'none';}
   function closeExample(a,b) { document.getElementById(a+'_div').style.display = 'none'; document.getElementById(a+'_cl').style.display = 'none'; document.getElementById(a+'_eg').style.display = 'block';}
 </script>
   <table width='90%' style='margin-left:5%'>



.. raw:: html

   <tr style='border-bottom: thin solid; border-top: thin solid'><th width=15%>Operation</th><th width=10%>Method</th><th>URI</th><th width=15%>Payload</th><th width=10%></th></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Create Object



.. raw:: html

   </td><td valign = 'top'>


POST



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/waf/template/{name}/brute-force-protection



.. raw:: html

   </td><td valign = 'top'>


:ref:`3275_brute-force-protection_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Get Object



.. raw:: html

   </td><td valign = 'top'>


GET



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/waf/template/{name}/brute-force-protection



.. raw:: html

   </td><td valign = 'top'>


:ref:`3275_brute-force-protection_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Modify Object



.. raw:: html

   </td><td valign = 'top'>


POST



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/waf/template/{name}/brute-force-protection



.. raw:: html

   </td><td valign = 'top'>


:ref:`3275_brute-force-protection_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Replace Object



.. raw:: html

   </td><td valign = 'top'>


PUT



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/waf/template/{name}/brute-force-protection



.. raw:: html

   </td><td valign = 'top'>


:ref:`3275_brute-force-protection_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Delete Object



.. raw:: html

   </td><td valign = 'top'>


DELETE



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/waf/template/{name}/brute-force-protection



.. raw:: html

   </td><td valign = 'top'>


:ref:`3275_brute-force-protection_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   </table>

.. _3275_brute-force-protection_attributes:

brute-force-protection attributes
---------------------------------

    **brute-force-challenge-limit**

        **Description** Maximum brute-force events before sending challenge (default 2) (Maximum brute-force events before locking out client (default 2))

        **Type:** number

        **Range:** 0-65535

        **Default:** 2

    **brute-force-global**

        **Description** Brute-force triggers apply globally instead of per-client (Apply brute-force triggers globally)

        **Type:** boolean

        **Supported Values:** true, false, 1, 0

        **Default:** 0

    **brute-force-lockout-limit**

        **Description** Maximum brute-force events before locking out client (default 5)

        **Type:** number

        **Range:** 0-65535

        **Default:** 5

    **brute-force-lockout-period**

        **Description** Number of seconds client should be locked out (default 600)

        **Type:** number

        **Range:** 0-1800

        **Default:** 600

    **brute-force-resp-codes**

        **Description** Trigger brute-force check on HTTP response code

        **Type:** boolean

        **Supported Values:** true, false, 1, 0

        **Default:** 0

    **brute-force-resp-codes-file**

        **Description** Name of WAF policy list file

        **Type:** string

        **Maximum Length:** 128 characters

        **Maximum Length:** 1 characters

    **brute-force-resp-headers**

        **Description** Trigger brute-force check on HTTP response header names

        **Type:** boolean

        **Supported Values:** true, false, 1, 0

        **Default:** 0

    **brute-force-resp-headers-file**

        **Description** Name of WAF policy list file

        **Type:** string

        **Maximum Length:** 128 characters

        **Maximum Length:** 1 characters

    **brute-force-resp-string**

        **Description** Trigger brute-force check on HTTP response reason phrase

        **Type:** boolean

        **Supported Values:** true, false, 1, 0

        **Default:** 0

    **brute-force-resp-string-file**

        **Description** Name of WAF policy list file

        **Type:** string

        **Maximum Length:** 128 characters

        **Maximum Length:** 1 characters

    **brute-force-test-period**

        **Description** Number of seconds for brute-force event counting (default 60)

        **Type:** number

        **Range:** 0-600

        **Default:** 60

    **challenge-action-captcha**

        **Description** Initiate a Captcha to verify client can respond

        **Type:** boolean

        **Supported Values:** true, false, 1, 0

        **Default:** 0

    **challenge-action-cookie**

        **Description** Use Set-Cookie to determine if client allows cookies

        **Type:** boolean

        **Supported Values:** true, false, 1, 0

        **Default:** 0

    **challenge-action-javascript**

        **Description** Add JavaScript to response to test if client allows JavaScript

        **Type:** boolean

        **Supported Values:** true, false, 1, 0

        **Default:** 0

    **enable-disable-action**

        **Description** 'enable': Enable brute force protections; 'disable': Disable brute force protections (default); 

        **Type:** string

        **Supported Values:** enable, disable

        **Default:** disable

    **uuid**

        **Description** uuid of the object

        **Type:** string

        **Maximum Length:** 64 characters

        **Maximum Length:** 1 characters