ProtectionSettings

class oci.waas.models.ProtectionSettings(**kwargs)

Bases: object

The settings used for protection rules.

ALLOWED_HTTP_METHODS_CONNECT = 'CONNECT'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "CONNECT"

ALLOWED_HTTP_METHODS_DELETE = 'DELETE'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "DELETE"

ALLOWED_HTTP_METHODS_GET = 'GET'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "GET"

ALLOWED_HTTP_METHODS_HEAD = 'HEAD'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "HEAD"

ALLOWED_HTTP_METHODS_OPTIONS = 'OPTIONS'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "OPTIONS"

ALLOWED_HTTP_METHODS_PATCH = 'PATCH'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "PATCH"

ALLOWED_HTTP_METHODS_POST = 'POST'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "POST"

ALLOWED_HTTP_METHODS_PROPFIND = 'PROPFIND'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "PROPFIND"

ALLOWED_HTTP_METHODS_PUT = 'PUT'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "PUT"

ALLOWED_HTTP_METHODS_TRACE = 'TRACE'

A constant which can be used with the allowed_http_methods property of a ProtectionSettings. This constant has a value of "TRACE"

BLOCK_ACTION_SET_RESPONSE_CODE = 'SET_RESPONSE_CODE'

A constant which can be used with the block_action property of a ProtectionSettings. This constant has a value of "SET_RESPONSE_CODE"

BLOCK_ACTION_SHOW_ERROR_PAGE = 'SHOW_ERROR_PAGE'

A constant which can be used with the block_action property of a ProtectionSettings. This constant has a value of "SHOW_ERROR_PAGE"

__init__(**kwargs)

Initializes a new ProtectionSettings object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:
  • block_action (str) -- The value to assign to the block_action property of this ProtectionSettings. Allowed values for this property are: "SHOW_ERROR_PAGE", "SET_RESPONSE_CODE", 'UNKNOWN_ENUM_VALUE'. Any unrecognized values returned by a service will be mapped to 'UNKNOWN_ENUM_VALUE'.
  • block_response_code (int) -- The value to assign to the block_response_code property of this ProtectionSettings.
  • block_error_page_message (str) -- The value to assign to the block_error_page_message property of this ProtectionSettings.
  • block_error_page_code (str) -- The value to assign to the block_error_page_code property of this ProtectionSettings.
  • block_error_page_description (str) -- The value to assign to the block_error_page_description property of this ProtectionSettings.
  • max_argument_count (int) -- The value to assign to the max_argument_count property of this ProtectionSettings.
  • max_name_length_per_argument (int) -- The value to assign to the max_name_length_per_argument property of this ProtectionSettings.
  • max_total_name_length_of_arguments (int) -- The value to assign to the max_total_name_length_of_arguments property of this ProtectionSettings.
  • recommendations_period_in_days (int) -- The value to assign to the recommendations_period_in_days property of this ProtectionSettings.
  • is_response_inspected (bool) -- The value to assign to the is_response_inspected property of this ProtectionSettings.
  • max_response_size_in_ki_b (int) -- The value to assign to the max_response_size_in_ki_b property of this ProtectionSettings.
  • allowed_http_methods (list[str]) -- The value to assign to the allowed_http_methods property of this ProtectionSettings. Allowed values for items in this list are: "OPTIONS", "GET", "HEAD", "POST", "PUT", "DELETE", "TRACE", "CONNECT", "PATCH", "PROPFIND", 'UNKNOWN_ENUM_VALUE'. Any unrecognized values returned by a service will be mapped to 'UNKNOWN_ENUM_VALUE'.
  • media_types (list[str]) -- The value to assign to the media_types property of this ProtectionSettings.
allowed_http_methods

Gets the allowed_http_methods of this ProtectionSettings. The list of allowed HTTP methods. If unspecified, default to [OPTIONS, GET, HEAD, POST]. This setting only applies if a corresponding protection rule is enabled, such as the "Restrict HTTP Request Methods" rule (key: 911100).

Allowed values for items in this list are: "OPTIONS", "GET", "HEAD", "POST", "PUT", "DELETE", "TRACE", "CONNECT", "PATCH", "PROPFIND", 'UNKNOWN_ENUM_VALUE'. Any unrecognized values returned by a service will be mapped to 'UNKNOWN_ENUM_VALUE'.

Returns:The allowed_http_methods of this ProtectionSettings.
Return type:list[str]
block_action

Gets the block_action of this ProtectionSettings. If action is set to BLOCK, this specifies how the traffic is blocked when detected as malicious by a protection rule. If unspecified, defaults to SET_RESPONSE_CODE.

Allowed values for this property are: "SHOW_ERROR_PAGE", "SET_RESPONSE_CODE", 'UNKNOWN_ENUM_VALUE'. Any unrecognized values returned by a service will be mapped to 'UNKNOWN_ENUM_VALUE'.

Returns:The block_action of this ProtectionSettings.
Return type:str
block_error_page_code

Gets the block_error_page_code of this ProtectionSettings. The error code to show on the error page when action is set to BLOCK, blockAction is set to SHOW_ERROR_PAGE, and the traffic is detected as malicious by a protection rule. If unspecified, defaults to 403.

Returns:The block_error_page_code of this ProtectionSettings.
Return type:str
block_error_page_description

Gets the block_error_page_description of this ProtectionSettings. The description text to show on the error page when action is set to BLOCK, blockAction is set to SHOW_ERROR_PAGE, and the traffic is detected as malicious by a protection rule. If unspecified, defaults to Access blocked by website owner. Please contact support.

Returns:The block_error_page_description of this ProtectionSettings.
Return type:str
block_error_page_message

Gets the block_error_page_message of this ProtectionSettings. The message to show on the error page when action is set to BLOCK, blockAction is set to SHOW_ERROR_PAGE, and the traffic is detected as malicious by a protection rule. If unspecified, defaults to 'Access to the website is blocked.'

Returns:The block_error_page_message of this ProtectionSettings.
Return type:str
block_response_code

Gets the block_response_code of this ProtectionSettings. The response code returned when action is set to BLOCK, blockAction is set to SET_RESPONSE_CODE, and the traffic is detected as malicious by a protection rule. If unspecified, defaults to 403.

Returns:The block_response_code of this ProtectionSettings.
Return type:int
is_response_inspected

Gets the is_response_inspected of this ProtectionSettings. Inspects the response body of origin responses. Can be used to detect leakage of sensitive data. If unspecified, defaults to false.

Note: Only origin responses with a Content-Type matching a value in mediaTypes will be inspected.

Returns:The is_response_inspected of this ProtectionSettings.
Return type:bool
max_argument_count

Gets the max_argument_count of this ProtectionSettings. The maximum number of arguments allowed to be passed to your application before an action is taken. Arguements are query parameters or body parameters in a PUT or POST request. If unspecified, defaults to 255. This setting only applies if a corresponding protection rule is enabled, such as the "Number of Arguments Limits" rule (key: 960335).

Example: If maxArgumentCount to 2 for the Max Number of Arguments protection rule (key: 960335), the following requests would be blocked: GET /myapp/path?query=one&query=two&query=three POST /myapp/path with Body {"argument1":"one","argument2":"two","argument3":"three"}

Returns:The max_argument_count of this ProtectionSettings.
Return type:int
max_name_length_per_argument

Gets the max_name_length_per_argument of this ProtectionSettings. The maximum length allowed for each argument name, in characters. Arguements are query parameters or body parameters in a PUT or POST request. If unspecified, defaults to 400. This setting only applies if a corresponding protection rule is enabled, such as the "Values Limits" rule (key: 960208).

Returns:The max_name_length_per_argument of this ProtectionSettings.
Return type:int
max_response_size_in_ki_b

Gets the max_response_size_in_ki_b of this ProtectionSettings. The maximum response size to be fully inspected, in binary kilobytes (KiB). Anything over this limit will be partially inspected. If unspecified, defaults to 1024.

Returns:The max_response_size_in_ki_b of this ProtectionSettings.
Return type:int
max_total_name_length_of_arguments

Gets the max_total_name_length_of_arguments of this ProtectionSettings. The maximum length allowed for the sum of the argument name and value, in characters. Arguements are query parameters or body parameters in a PUT or POST request. If unspecified, defaults to 64000. This setting only applies if a corresponding protection rule is enabled, such as the "Total Arguments Limits" rule (key: 960341).

Returns:The max_total_name_length_of_arguments of this ProtectionSettings.
Return type:int
media_types

Gets the media_types of this ProtectionSettings. The list of media types to allow for inspection, if isResponseInspected is enabled. Only responses with MIME types in this list will be inspected. If unspecified, defaults to ["text/html", "text/plain", "text/xml"].

Supported MIME types include:

  • text/html
  • text/plain
  • text/asp
  • text/css
  • text/x-script
  • application/json
  • text/webviewhtml
  • text/x-java-source
  • application/x-javascript
  • application/javascript
  • application/ecmascript
  • text/javascript
  • text/ecmascript
  • text/x-script.perl
  • text/x-script.phyton
  • application/plain
  • application/xml
  • text/xml
Returns:The media_types of this ProtectionSettings.
Return type:list[str]
recommendations_period_in_days

Gets the recommendations_period_in_days of this ProtectionSettings. The length of time to analyze traffic traffic, in days. After the analysis period, WafRecommendations will be populated. If unspecified, defaults to 10.

Use GET /waasPolicies/{waasPolicyId}/wafRecommendations to view WAF recommendations.

Returns:The recommendations_period_in_days of this ProtectionSettings.
Return type:int