Create a malware policy

post https://{hostname}/appsec/v1/configs/{configId}/versions/{versionNumber}/malware-policies

Create a new malware policy for a security configuration version.

Path Params

configId

int64

required

A unique identifier for each configuration.

versionNumber

integer

required

A unique identifier for each version of a configuration.

Query Params

accountSwitchKey

string

For customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys.

Body Params

allowListId

string

The ID of a client list containing file hashes of specific files to allow.

blockListId

string

The ID of a client list containing file hashes of specific files to block.

contentTypes

array of objects

The content types and encodings to match.

contentTypes

description

string

Descriptive text you provide about a policy.

hostnames

array of strings

required

The hostnames to match. This is where you want the malware detections to focus.

hostnames*

logFilename

boolean

Defaults to false

Whether to log the name of the file that triggered an alert or deny action.

name

string

required

The name you assign to a malware policy.

paths

array of strings

required

The paths to match. You can use the ? and * wildcards anywhere in a path.

paths*

Responses

Response body

object

allowListId

string

The ID of a client list containing file hashes of specific files to allow.

blockListId

string

The ID of a client list containing file hashes of specific files to block.

contentTypes

array of objects

The content types and encodings to match.

contentTypes

object

encodedContentAttributes

array of objects

An optional list of encoded attribute paths.

encodedContentAttributes

object

encoding

array of strings

The encodings used for the attribute path. Currently only base64 is supported.

encoding

path

string

The JSONPath to an attribute with encoded content. The path must point to a single item, and may not include the $, .., ? or * operators.

name

string

required

The name of the content type.

description

string

Descriptive text you provide about a policy.

hostnames

array of strings

required

The hostnames to match. This is where you want the malware detections to focus.

hostnames*

integer

Read-only Uniquely identifies each malware policy.

logFilename

boolean

Defaults to false

Whether to log the name of the file that triggered an alert or deny action.

name

string

required

The name you assign to a malware policy.

paths

array of strings

required

The paths to match. You can use the ? and * wildcards anywhere in a path.

paths*

Headers

object

Location

string

A URL to access the newly created resource.

Language

Authentication

Remember to add your authentication credentials to run this code.

URL


xxxxxxxxxx
1
curl --request POST \
2
     --url https://hostname/appsec/v1/configs/configId/versions/versionNumber/malware-policies \
3
     --header 'accept: application/json' \
4
     --header 'content-type: application/json'


xxxxxxxxxx
30
}
1
{
2
  "allowListId": "523719_ALLOWLIST",
3
  "blockListId": "524002_BLOCKLIST",
4
  "contentTypes": [
5
    {
6
      "encodedContentAttributes": [
7
        {
8
          "encoding": [
9
            "base64"
10
          ],
11
          "path": "image.imagePath"
12
        }
13
      ],
14
      "name": "application/json"
15
    }
16
  ],
17
  "description": "Malware scan configuration details",
18
  "hostnames": [
19
    "abc.com",
20
    "def.com",
21
    "xyz.com"
22
  ],
23
  "id": 82,
24
  "logFilename": true,
25
  "name": "FMS Configuration",

201Successfully created a malware policy.

400Bad request. Invalid request body or URL parameter input.

403Forbidden. You don't have access to malware policies in this security configuration.

404Not found. Security configuration version wasn't found.