Modify the penalty box

put

https://{hostname}/appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/penalty-box

All products Modifies the penalty box settings for a security policy. When the penalty box is enabled for a policy, clients that trigger a WAF Deny action are placed in the penalty box. There, the action you select for penalty box (either Alert or Deny) continues to apply to any requests from that client for the next 10 minutes.

Path Params

configId

int64

required

A unique identifier for each configuration.

versionNumber

integer

required

A unique identifier for each version of a configuration.

policyId

string

required

A unique identifier for a security policy.

Query Params

accountSwitchKey

string

For customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys.

Body Params

action

enum

required

penaltyBoxProtection

boolean

required

Specifies whether penalty box protection is enabled for the security policy. When set to true the action occurs if triggered by a request.

Headers

string

enum

Defaults to application/json

Generated from available response content types

Allowed:

Responses

Language

URL

Response

Choose an example:

application/json

application/problem+json

200Successfully updated penalty box protection for security policy.

400Invalid. Client error, such as invalid or malformed input.

403Forbidden. You don't have permission to write to this resource.

404Not found. The security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy.

500Internal server error. Something went wrong on our side. Try again in a few minutes or contact support if the error persists.