Configures a protection rule group of the protection rules engine feature and the status of the intelligent rule hosting feature for a specific domain name.

Usage notes

You can call the SetDomainRuleGroup operation to configure the protection rule group of the protection rules engine feature and the status of the intelligent rule hosting feature for a specific domain name.

When you configure a protection rule group, you can use the loose, medium, or strict protection rule group that is provided by Web Application Firewall (WAF). You can also use a custom protection rule group.

Notice You cannot create a custom protection rule group by calling an API operation. To configure a custom protection rule group for a domain name, log on to the WAF console and choose System Management > Protection Rule Group. On the Protection Rule Group page, create a custom protection rule group and record its ID. Then, you can call the SetDomainRuleGroup operation to configure the custom protection rule group for the domain name.

Limits

You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes SetDomainRuleGroup

The operation that you want to perform. Set the value to SetDomainRuleGroup.

Domains String Yes ["www.aliyundoc.com"]

The list of domain names for which you want to configure a protection rule group. The value is a string that consists of JSON arrays.

You can specify multiple domain names in the ["<Domain name 1>","<Domain name 2>",...] format.

Note You can call the DescribeDomainList operation to query all domain names that are protected by WAF.
RuleGroupId Long Yes 1012

The ID of the protection rule group that is configured for the domain name. Valid values:

  • 1011: the built-in strict rule group
  • 1012: the built-in medium rule group
  • 1013: the built-in loose rule group

You can also configure the ID of a custom rule group.

Note To obtain the ID of a custom rule group, log on to the WAF console and choose System Management > Protection Rule Group.
WafVersion Long No 1

The version number for the current configuration, which is used to implement optimistic locking.

InstanceId String Yes waf-cn-tl32ast****

The ID of the WAF instance.

Note You can call the DescribeInstanceInfo operation to query the ID of the WAF instance.
ResourceGroupId String No rg-acfm2pz25js****

The ID of the resource group to which the domain name belongs in Resource Management.

If you do not specify this parameter, the WAF instance belongs to the default resource group.

WafAiStatus Integer No 1

The status of the intelligent rule hosting feature. Valid values:

  • 0: disabled
  • 1: enabled. This is the default value.

The intelligent rule hosting feature automatically learns the patterns of historical network traffic, identifies protection rules that may block normal requests in specific scenarios, and then adds the protection rules to the whitelist for web intrusion prevention. After the risk of blocking normal requests is eliminated, the intelligent rule hosting feature removes the protection rules from the whitelist.

All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.

For more information about sample requests, see the "Examples" section of this topic.

Response parameters

Parameter Type Example Description
RequestId String D7861F61-5B61-46CE-A47C-6B19160D5EB0

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=SetDomainRuleGroup
&Domains=["www.aliyundoc.com"]
&RuleGroupId=1012
&InstanceId=waf-cn-tl32ast****
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<SetDomainRuleGroupResponse>
    <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>
</SetDomainRuleGroupResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "D7861F61-5B61-46CE-A47C-6B19160D5EB0"
}

Error codes

For a list of error codes, visit the API Error Center.