Modify protectionsCopy Pageput https://{hostname}/appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/protectionsAll products Update the security policy protections. This applies a set of protections that you can enable individually.Path ParamsconfigIdint64requiredA unique identifier for each configuration.versionNumberintegerrequiredA unique identifier for each version of a configuration.policyIdstringrequiredA unique identifier for a security policy.Query ParamsaccountSwitchKeystringFor customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys.Body ParamsThese settings enable or disable each protection on your policy. However, you set the protections themselves in their corresponding operations available in this API.applyApiConstraintsbooleanWhen enabled, this protection responds to triggers with a specified action.truetruefalseapplyApplicationLayerControlsbooleanWhen enabled, your security policy applies the Web Application Firewall controls to your traffic.truetruefalseapplyCpcControlsbooleanDefaults to falseWhen enabled, your security policy applies Client-Side Protection & Compliance controls to your match target.truefalseapplyMalwareControlsbooleanWhen enabled, your security policy applies file malware scanning controls to your traffic.truetruefalseapplyNetworkLayerControlsbooleanWhen enabled, your security policy applies the network layer control settings to your traffic.truetruefalseapplyRateControlsbooleanWhen enabled, your security policy applies the rate control settings to your traffic. Rate controls monitor and flag traffic too fast to be from a human.truetruefalseapplyReputationControlsbooleanWhen enabled, your security policy applies the reputation profile settings to your traffic. Reputation profile analyses IP addresses based on their prior interactions with Akamai customers, then alerts on or blocks potentially malicious IP addresses from issuing requests.truetruefalseapplySlowPostControlsbooleanWhen enabled, your security policy applies slow POST controls to your traffic.truetruefalseHeadersacceptstringenumDefaults to application/jsonGenerated from available response content typesapplication/jsonapplication/problem+jsonAllowed:application/jsonapplication/problem+jsonResponses 200Successfully updated the security policy protections. 400Invalid. Client error, such as invalid or malformed input. 403Forbidden. You don't have permission to write to this resource. 404Not found. The security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy. 500Internal server error. Something went wrong on our side. Try again in a few minutes or contact support if the error persists.Updated about 1 month ago