文档中心 Cloud Security 2.0 User Guide Set API Security Policies

Set API Security Policies

更新时间:2024-06-13 16:41:15

Through API Security policies, you can specify different actions for Invalid API requests.

Before using API Security, you need to ensure that there are already defined APIs under the current hostname. If there is no defined API, you need to go to the API Inventory menu and directly add APIs under API Definition or create APIs based on the API asset automatically recognized by API Discovery.

Go to API Security

  1. Log in to the CDNetworks Console, find the security product in use under Subscribed Products.
  2. Go to Security Settings > Policies.
  3. Find the hostname for which you want to configure security policies, click [New Feature] WAF Rule Template .
  4. Go to API Security tab. If this policy is off, turn it on.

Set API Security Policies

On the API security page, the APIs displayed in the list are the APIs you created in the API Definition, and the default action is Not Used.
You can adjust the actions of relevant APIs according to application requirements, and the actions support Not Used, Log, and Block. You can also batch modify the actions of multiple APIs through the “Edit Action” button in the upper left corner of the list. The cloud security platform will detect the defined API specifications (including Request Methods, Authentication Method, Request Body and Parameter Constraints) and perform corresponding actions on APIs that do not meet the definition. The meaning of actions can be found in Basic Concept.
After setting API security policies, you need to click the Publish button at the bottom of the page to make the configuration effective.

本篇文档内容对您是否有帮助?
有帮助
我要反馈
提交成功!非常感谢您的反馈,我们会继续努力做到更好!