1. 接口描述
接口请求域名: teo.tencentcloudapi.com 。
查询安全策略配置模板详情
默认接口请求频率限制:20次/秒。
推荐使用 API Explorer
点击调试
API Explorer 提供了在线调用、签名验证、SDK 代码生成和快速检索接口等能力。您可查看每次调用的请求内容和返回结果以及自动生成 SDK 调用示例。
2. 输入参数
以下请求参数列表仅列出了接口请求参数和部分公共参数,完整公共参数列表见 公共请求参数。
| 参数名称 | 必选 | 类型 | 描述 |
|---|---|---|---|
| Action | 是 | String | 公共参数,本接口取值:DescribeWebSecurityTemplate。 |
| Version | 是 | String | 公共参数,本接口取值:2022-09-01。 |
| Region | 否 | String | 公共参数,此参数为可选参数。 |
| ZoneId | 是 | String | 站点 ID。需要传入目标策略模板在访问权限上归属的站点,可使用 DescribeWebSecurityTemplates 接口查询策略模板归属的站点。 |
| TemplateId | 是 | String | 策略模板 ID。 |
3. 输出参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| SecurityPolicy | SecurityPolicy | 安全策略模板配置内容,Bot 配置暂不支持,正在开发中。 |
| RequestId | String | 唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。 |
4. 示例
示例1 查询安全策略配置模板详情
查询 zone-a012rw4m76cy 站点中 temp-a9s1ekqt 策略模板的配置内容。
输入示例
POST / HTTP/1.1
Host: teo.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeWebSecurityTemplate
<公共请求参数>
{
"ZoneId": "zone-a012rw4m76cy",
"TemplateId": "temp-a9s1ekqt"
}输出示例
{
"Response": {
"RequestId": "cb5d2c0e-295e-412a-891a-9f8ab6057b4a",
"SecurityPolicy": {
"ExceptionRules": {
"Rules": [
{
"Id": "1492837231",
"Name": "ExampleSkipModule",
"Condition": "${http.request.uri.path} in ['/api/v3/test','/api/v3/submit'] and ${http.request.method} in ['POST']",
"SkipScope": "WebSecurityModules",
"WebSecurityModulesForException": [
"websec-mod-custom-rules",
"websec-mod-rate-limiting"
],
"Enabled": "On"
},
{
"Id": "1492837231",
"Name": "SampleSkipManagedRule",
"Condition": "${http.request.uri.path} in ['/api/v3/test','/api/v3/submit'] and ${http.request.method} in ['POST']",
"SkipScope": "ManagedRules",
"SkipOption": "SkipOnAllRequestFields",
"ManagedRulesForException": [
"4401215074",
"4368124487"
],
"Enabled": "On"
},
{
"Id": "1492837231",
"Name": "SampleSkipManagedRule",
"Condition": "${http.request.uri.path} in ['/api/v3/test','/api/v3/submit'] and ${http.request.method} in ['POST']",
"SkipScope": "ManagedRules",
"SkipOption": "SkipOnAllRequestFields",
"ManagedRuleGroupsForException": [
"wafgroup-sql-injection-attacks"
],
"Enabled": "On"
},
{
"Id": "1492837231",
"Name": "SampleSkipManagedRuleForField",
"Condition": "${http.request.uri.path} in ['/api/v3/test','/api/v3/submit'] and ${http.request.method} in ['POST']",
"SkipScope": "ManagedRules",
"ManagedRulesForException": [
"4401215074",
"4368124487"
],
"SkipOption": "SkipOnSpecifiedRequestFields",
"RequestFieldsForException": [
{
"Scope": "cookie",
"Condition": "",
"TargetField": "key"
},
{
"Scope": "cookie",
"Condition": "${key} in ['session-id']",
"TargetField": "value"
},
{
"Scope": "cookie",
"Condition": "${key} in ['account-id'] and ${value} like ['prefix-*']",
"TargetField": "value"
},
{
"Scope": "header",
"Condition": "",
"TargetField": "key"
},
{
"Scope": "header",
"Condition": "${key} in ['x-trace-id']",
"TargetField": "value"
},
{
"Scope": "header",
"Condition": "${key} like ['x-auth-*'] and ${value} like ['Bearer *']",
"TargetField": "value"
},
{
"Scope": "uri.query",
"Condition": "",
"TargetField": "key"
},
{
"Scope": "uri.query",
"Condition": "${key} in ['action']",
"TargetField": "value"
},
{
"Scope": "uri.query",
"Condition": "${key} in ['action'] and ${value} in ['upload', 'delete']",
"TargetField": "value"
},
{
"Scope": "uri",
"Condition": "",
"TargetField": "query"
},
{
"Scope": "uri",
"Condition": "",
"TargetField": "path"
},
{
"Scope": "uri",
"Condition": "",
"TargetField": "fullpath"
},
{
"Scope": "body.json",
"Condition": "",
"TargetField": "key"
},
{
"Scope": "body.json",
"Condition": "${key} in ['user.id']",
"TargetField": "value"
},
{
"Scope": "body.json",
"Condition": "${key} in ['user.id'] and ${value} in ['1234', '5678']",
"TargetField": "value"
},
{
"Scope": "body",
"Condition": "",
"TargetField": "fullbody"
},
{
"Scope": "body",
"Condition": "",
"TargetField": "multipart"
}
],
"Enabled": "On"
}
]
},
"CustomRules": {
"Rules": [
{
"Id": "1492837231",
"Name": "ASimpleIPRule",
"Condition": "${http.request.ip} in ['1.1.1.1', '10.10.10.0/24'] or ${http.request.ip.asn} in ['132203']",
"Action": {
"Name": "Deny"
},
"Enabled": "on",
"RuleType": "PreciseMatchRule",
"Priority": 50
}
]
},
"HttpDDoSProtection": {
"AdaptiveFrequencyControl": {
"Enabled": "on",
"Sensitivity": "Loose",
"Action": {
"Name": "Monitor"
}
},
"ClientFiltering": {
"Enabled": "on",
"Action": {
"Name": "Monitor"
}
},
"BandwidthAbuseDefense": {
"Enabled": "on",
"Action": {
"Name": "Monitor"
}
},
"SlowAttackDefense": {
"Enabled": "on",
"Action": {
"Name": "Monitor"
},
"MinimalRequestBodyTransferRate": {
"MinimalAvgTransferRateThreshold": "50bps",
"CountingPeriod": "60s"
},
"RequestBodyTransferTimeout": {
"IdleTimeout": "5s"
}
}
},
"RateLimitingRules": {
"Rules": [
{
"Enabled": "on",
"Name": "SampleHttpDdosRule",
"Condition": "${http.request.uri.path} in ['/api/v3/test','/api/v3/submit']",
"CountBy": [
"http.request.ip",
"http.request.cookies['UserSession']"
],
"MaxRequestThreshold": 1000,
"CountingPeriod": "2m",
"ActionDuration": "20h",
"Action": {
"Name": "ManagedChallenge"
},
"Id": "2181399690",
"Priority": 100
}
]
},
"ManagedRules": {
"Enabled": "on",
"AutoUpdate": {
"AutoUpdateToLatestVersion": "off",
"RulesetVersion": "2023-12-21T12:00:32Z"
},
"SemanticAnalysis": "on",
"DetectionOnly": "on",
"ManagedRuleGroups": [
{
"GroupId": "wafmanagedrulegroup-vulnerability-scanners",
"SensitivityLevel": "loose",
"Action": {
"Name": "Monitor"
},
"MetaData": {
"GroupDetail": "扫描器攻击漏洞防护",
"GroupName": "扫描器攻击漏洞防护",
"RuleDetails": [
{
"RuleId": "4401215444",
"RiskLevel": "extreme",
"Description": "针对dedecms历史sql注入漏洞的防护规则",
"Tags": [],
"RuleVersion": "2023-12-21T12:00:32Z"
},
{
"RuleId": "4401214877",
"RiskLevel": "medium",
"Description": "拦截常见扫描器的xss验证payload",
"Tags": [],
"RuleVersion": "2023-12-21T12:00:32Z"
}
]
}
}
]
}
}
}
}5. 开发者资源
腾讯云 API 平台
腾讯云 API 平台 是综合 API 文档、错误码、API Explorer 及 SDK 等资源的统一查询平台,方便您从同一入口查询及使用腾讯云提供的所有 API 服务。
API Inspector
用户可通过 API Inspector 查看控制台每一步操作关联的 API 调用情况,并自动生成各语言版本的 API 代码,也可前往 API Explorer 进行在线调试。
SDK
云 API 3.0 提供了配套的开发工具集(SDK),支持多种编程语言,能更方便的调用 API。
- Tencent Cloud SDK 3.0 for Python: CNB, GitHub, Gitee
- Tencent Cloud SDK 3.0 for Java: CNB, GitHub, Gitee
- Tencent Cloud SDK 3.0 for PHP: CNB, GitHub, Gitee
- Tencent Cloud SDK 3.0 for Go: CNB, GitHub, Gitee
- Tencent Cloud SDK 3.0 for Node.js: CNB, GitHub, Gitee
- Tencent Cloud SDK 3.0 for .NET: CNB, GitHub, Gitee
- Tencent Cloud SDK 3.0 for C++: CNB, GitHub, Gitee
- Tencent Cloud SDK 3.0 for Ruby: CNB, GitHub, Gitee
命令行工具
6. 错误码
该接口暂无业务逻辑相关的错误码,其他错误码详见 公共错误码。
