waf template brute-force-protection¶
Protect brute force attacks
brute-force-protection Specification¶
Parameter Value Type Configuration Resource Element Name brute-force-protection Element URI /axapi/v3/waf/template/{name}/brute-force-protection Element Attributes brute-force-protection_attributes Partition Visibility shared Schema brute-force-protection schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/waf/template/{name}/brute-force-protection | ||
Get Object | GET | /axapi/v3/waf/template/{name}/brute-force-protection | ||
Modify Object | POST | /axapi/v3/waf/template/{name}/brute-force-protection | ||
Replace Object | PUT | /axapi/v3/waf/template/{name}/brute-force-protection | ||
Delete Object | DELETE | /axapi/v3/waf/template/{name}/brute-force-protection |
brute-force-protection attributes¶
brute-force-challenge-limit
Description Maximum brute-force events before sending challenge (default 2) (Maximum brute-force events before locking out client (default 2))
Type: number
Range: 0-65535
Default: 2
brute-force-global
Description Brute-force triggers apply globally instead of per-client (Apply brute-force triggers globally)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
brute-force-lockout-limit
Description Maximum brute-force events before locking out client (default 5)
Type: number
Range: 0-65535
Default: 5
brute-force-lockout-period
Description Number of seconds client should be locked out (default 600)
Type: number
Range: 0-1800
Default: 600
brute-force-resp-codes
Description Trigger brute-force check on HTTP response code
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
brute-force-resp-codes-file
Description Name of WAF policy list file
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
brute-force-resp-headers
Description Trigger brute-force check on HTTP response header names
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
brute-force-resp-headers-file
Description Name of WAF policy list file
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
brute-force-resp-string
Description Trigger brute-force check on HTTP response reason phrase
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
brute-force-resp-string-file
Description Name of WAF policy list file
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
brute-force-test-period
Description Number of seconds for brute-force event counting (default 60)
Type: number
Range: 0-600
Default: 60
challenge-action-captcha
Description Initiate a Captcha to verify client can respond
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
challenge-action-cookie
Description Use Set-Cookie to determine if client allows cookies
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
challenge-action-javascript
Description Add JavaScript to response to test if client allows JavaScript
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-disable-action
Description ‘enable’: Enable brute force protections; ‘disable’: Disable brute force protections (default);
Type: string
Supported Values: enable, disable
Default: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters