# API接口
# 调用方式
API调用域名为: api.jxwaf.com
所有的API接口只接受JSON格式数据
通用参数为api_key和api_password,这两个参数值需要登录控制台后,在 WAF管理 -> 全局配置 页面获取
# 获取域名列表
API地址:
https://api.jxwaf.com/api/waf_get_domain_list
参数:
{"api_key":"","api_password":""}
结果:
{
"message": [
{
"domain": "180.76.137.111",
"http": "true",
"custom_protection": "true",
"owasp_protection": "true",
"cc_protection": "true",
"https": "false"
},
{
"domain": "demo.jxwaf.top",
"http": "true",
"custom_protection": "false",
"owasp_protection": "true",
"cc_protection": "true",
"https": "true"
}
],
"result": true
}
# 获取域名详细信息
API地址:
https://api.jxwaf.com/api/waf_get_domain
参数:
{"api_key":"","api_password":"","domain":"demo.jxwaf.top"}
结果:
{
"message": {
"public_key": null,
"domain": "demo.jxwaf.top",
"http": "true",
"redirect_https": "false",
"source_ip": "1.1.1.1",
"private_key": null,
"proxy_ip": "",
"proxy": "false",
"https": "false",
"enc_https": "false",
"source_http_port": "80"
},
"result": true
}
# 删除域名
API地址:
https://api.jxwaf.com/api/waf_del_domain
参数:
{"api_key":"","api_password":"","domain":"demo.jxwaf.top"}
结果:
{
"message": "del success",
"result": true
}
# 新建域名
API地址:
https://api.jxwaf.com/api/waf_create_domain
参数:
{"api_key":"","api_password":"","source_http_port":"80","proxy":"true","redirect_https":"true","enc_https":"true","domain":"demo.jxwaf.top","public_key":"123","private_key":"456","proxy_ip":"1.2.3.4","source_ip":"1.1.1.1","http":"true","https":"true"}
参数 | 描述 |
---|---|
domain | 域名 |
http | 如果支持http访问,则值为"true",否则为"false" |
https | 如果支持https访问,则值为"true",否则为"false" |
source_http_port | 源服务器端口(仅支持http回源) |
redirect_https | 是否开启http强制跳转https,是则值为"true",否则为"false" |
enc_https | 是否开启私钥AES加密,是则值为"true",否则为"false" |
proxy | WAF是否存在代理,是则值为"true",否则为"false" |
proxy_ip | 代理地址,支持子网掩码,英文逗号分割 |
不清楚的可以查看控制台提交的请求参数
结果:
{
"message": "create success",
"result": true
}
# 编辑域名
API地址:
https://api.jxwaf.com/api/waf_edit_domain
参数:
{"api_key":"","api_password":"","source_http_port":"80","proxy":"false","redirect_https":"true","enc_https":"true","domain":"demo.jxwaf.top","public_key":"123","private_key":"456","proxy_ip":"1.1.3.4","source_ip":"1.1.1.2","http":"true","https":"true"}
参数 | 描述 |
---|---|
domain | 域名 |
http | 如果支持http访问,则值为"true",否则为"false" |
https | 如果支持https访问,则值为"true",否则为"false" |
source_http_port | 源服务器端口(仅支持http回源) |
redirect_https | 是否开启http强制跳转https,是则值为"true",否则为"false" |
enc_https | 是否开启私钥AES加密,是则值为"true",否则为"false" |
proxy | WAF是否存在代理,是则值为"true",否则为"false" |
proxy_ip | 代理地址,支持子网掩码,英文逗号分割 |
不清楚的可以查看控制台提交的请求参数
结果:
{
"message": "edit success",
"result": true
}
# 获取域名防护配置
API地址:
https://api.jxwaf.com/api/waf_get_protection
参数:
{"api_key":"","api_password":"","domain":"demo.jxwaf.top"}
结果:
{
"message": {
"domain": "demo.jxwaf.top",
"custom_protection": "false",
"owasp_protection": "true",
"attack_ip_protection": "false",
"cc_protection": "false",
"ip_config": "false",
"page_custom": "false",
"geoip": "false",
"geo_protection": "false"
},
"result": true
}
# 修改域名防护配置
API地址:
https://api.jxwaf.com/api/waf_edit_protection
参数:
{"api_key":"","api_password":"","domain":"demo.jxwaf.top","custom_protection":"false","owasp_protection":"true","attack_ip_protection":"false","cc_protection":"false","ip_config":"false","page_custom":"false","geoip":"false","geo_protection":"false"}
结果:
{
"message": "edit success",
"result": true
}
# 获取CC攻击防护配置
API地址:
https://api.jxwaf.com/api/waf_get_cc_protection
参数:
{"api_key":"","api_password":"","domain":"demo.jxwaf.top"}
结果:
{
"message": {
"count": "600",
"domain_qps": "2000",
"ip_qps": "10",
"black_ip_time": "60",
"attack_ip_expire_qps": "5",
"bot_check": "true",
"attack_count": "100",
"ip_expire_qps": "10",
"attack_ip_qps": "5",
"attack_black_ip_time": "300",
"all_request_bot_check": "false"
},
"result": true
}
# 修改CC攻击防护配置
API地址:
https://api.jxwaf.com/api/waf_edit_protection
参数:
{"api_key":"","api_password":"","count":"600","domain_qps":"2000","ip_qps":"10","black_ip_time":"60","attack_ip_expire_qps":"5","bot_check":"true","attack_count":"100","ip_expire_qps":"10","attack_ip_qps":"5","attack_black_ip_time":"300","all_request_bot_check":"false","domain":"demo.jxwaf.top"}
结果:
{
"message": "edit success",
"result": true
}
# 获取Web攻击防护配置
API地址:
https://api.jxwaf.com/api/api_get_owasp_check
参数:
{"api_key":"","api_password":"","domain":"demo.jxwaf.top"}
结果:
{
"message": {
"white_request_bypass": "true",
"sql_check": "true",
"command_inject_check": "true",
"file_traversal_check_time": "60",
"virtual_patch_check": "true",
"upload_check_rule": "(.jpg|.png)$",
"white_request_log": "true",
"webshell_check": "true",
"file_traversal_check_count": "60",
"black_attack_ip": "true",
"upload_check": "false",
"attack_request_log": "true",
"xss_check": "true",
"file_traversal_check": "false",
"file_traversal_check_ratio": "0.7",
"file_traversal_black_time": "3600",
"sensitive_file_check": "true",
"anomaly_request_log": "true",
"directory_traversal_check": "true",
"owasp_protection_mode": "true"
},
"result": true
}
# 修改Web攻击防护配置
API地址:
https://api.jxwaf.com/api/waf_edit_owasp_check
参数:
{"api_key":"","api_password":"","white_request_bypass":"true","sql_check":"true","command_inject_check":"true","file_traversal_check_time":"60","virtual_patch_check":"true","upload_check_rule":"(.jpg|.png)$","white_request_log":"true","webshell_check":"true","file_traversal_check_count":"60","black_attack_ip":"true","upload_check":"false","attack_request_log":"true","xss_check":"true","file_traversal_check":"false","file_traversal_check_ratio":"0.7","file_traversal_black_time":"3600","sensitive_file_check":"true","anomaly_request_log":"true","directory_traversal_check":"true","owasp_protection_mode":"true","domain":"demo.jxwaf.top"}
结果:
{
"message": "edit success",
"result": true
}
# 创建IP黑白名单
API地址:
https://api.jxwaf.com/api/waf_create_ip_rule
参数:
{"api_key":"","api_password":"","rule_action":"deny","ip":"1.2.3.4","domain":"demo.jxwaf.top"}
结果:
{"message": "create success", "result": true}
# 删除IP黑白名单
API地址:
https://api.jxwaf.com/api/waf_del_ip_rule
参数:
{"api_key":"","api_password":"","domain":"demo.jxwaf.top","ip":"1.2.3.4"}
结果:
{"message": "del success", "result": true}
# 查看IP黑白名单列表
API地址:
https://api.jxwaf.com/api/waf_get_ip_rule_list
参数:
{"api_key":"","api_password":"","domain":"demo.jxwaf.top"}
结果:
{
"message": [
{
"rule_action": "deny",
"ip": "1.1.1.1",
"time": "2020-03-02T17:35:12.802"
}
],
"result": true
}