Read Firewall Configuration

GET

security

firewall

config

{configVersion}

import { Vercel } from "@vercel/sdk";

const vercel = new Vercel({
  bearerToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  const result = await vercel.security.getFirewallConfig({
    projectId: "<id>",
    teamId: "team_1a2b3c4d5e6f7g8h9i0j1k2l",
    slug: "my-team-url-slug",
    configVersion: "<value>",
  });

  // Handle the result
  console.log(result);
}

run();

{
  "ownerId": "<string>",
  "projectKey": "<string>",
  "id": "<string>",
  "version": 123,
  "updatedAt": "<string>",
  "firewallEnabled": true,
  "crs": {
    "sd": {
      "active": true,
      "action": "deny"
    },
    "ma": {
      "active": true,
      "action": "deny"
    },
    "lfi": {
      "active": true,
      "action": "deny"
    },
    "rfi": {
      "active": true,
      "action": "deny"
    },
    "rce": {
      "active": true,
      "action": "deny"
    },
    "php": {
      "active": true,
      "action": "deny"
    },
    "gen": {
      "active": true,
      "action": "deny"
    },
    "xss": {
      "active": true,
      "action": "deny"
    },
    "sqli": {
      "active": true,
      "action": "deny"
    },
    "sf": {
      "active": true,
      "action": "deny"
    },
    "java": {
      "active": true,
      "action": "deny"
    }
  },
  "rules": [
    {
      "id": "<string>",
      "name": "<string>",
      "description": "<string>",
      "active": true,
      "conditionGroup": [
        {
          "conditions": [
            {
              "type": "host",
              "op": "re",
              "neg": true,
              "key": "<string>",
              "value": "<string>"
            }
          ]
        }
      ],
      "action": {
        "mitigate": {
          "action": "deny",
          "rateLimit": {
            "algo": "fixed_window",
            "window": 123,
            "limit": 123,
            "keys": [
              "<string>"
            ],
            "action": "deny"
          },
          "redirect": {
            "location": "<string>",
            "permanent": true
          },
          "actionDuration": "<string>",
          "bypassSystem": true
        }
      }
    }
  ],
  "ips": [
    {
      "id": "<string>",
      "hostname": "<string>",
      "ip": "<string>",
      "notes": "<string>",
      "action": "deny"
    }
  ],
  "changes": [
    {}
  ],
  "managedRules": {}
}

Authorizations

Authorization

string

header

required

Default authentication mechanism

Path Parameters

configVersion

string

required

The deployed configVersion for the firewall configuration

Query Parameters

projectId

string

required

teamId

string

The Team identifier to perform the request on behalf of.

Example:

"team_1a2b3c4d5e6f7g8h9i0j1k2l"

slug

string

The Team slug to perform the request on behalf of.

Example:

"my-team-url-slug"

Response

200

application/json

If the firewall configuration includes a [custom managed ruleset](https://vercel.com/docs/security/vercel-waf/managed-rulesets), it will include a `crs` item that has the following values: sd: Scanner Detection ma: Multipart Attack lfi: Local File Inclusion Attack rfi: Remote File Inclusion Attack rce: Remote Execution Attack php: PHP Attack gen: Generic Attack xss: XSS Attack sqli: SQL Injection Attack sf: Session Fixation Attack java: Java Attack

ownerId

string

required

projectKey

string

required

string

required

version

number

required

updatedAt

string

required

firewallEnabled

boolean

required

crs

object

required

Custom Ruleset

crs.sd

object

required

Scanner Detection - Detect and prevent reconnaissance activities from network scanning tools.

crs.ma

object

required

Multipart Attack - Block attempts to bypass security controls using multipart/form-data encoding.

crs.lfi

object

required

Local File Inclusion Attack - Prevent unauthorized access to local files through web applications.

crs.rfi

object

required

Remote File Inclusion Attack - Prohibit unauthorized upload or execution of remote files.

crs.rce

object

required

Remote Execution Attack - Prevent unauthorized execution of remote scripts or commands.

crs.php

object

required

PHP Attack - Safeguard against vulnerability exploits in PHP-based applications.

crs.gen

object

required

Generic Attack - Provide broad protection from various undefined or novel attack vectors.

crs.xss

object

required

XSS Attack - Prevent injection of malicious scripts into trusted webpages.

crs.sqli

object

required

SQL Injection Attack - Prohibit unauthorized use of SQL commands to manipulate databases.

crs.sf

object

required

Session Fixation Attack - Prevent unauthorized takeover of user sessions by enforcing unique session IDs.

crs.java

object

required

Java Attack - Mitigate risks of exploitation targeting Java-based applications or components.

rules

object[]

required

ips

object[]

required

changes

object[]

required

managedRules

object

Update Firewall Configuration Read active attack data

import { Vercel } from "@vercel/sdk";

const vercel = new Vercel({
  bearerToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  const result = await vercel.security.getFirewallConfig({
    projectId: "<id>",
    teamId: "team_1a2b3c4d5e6f7g8h9i0j1k2l",
    slug: "my-team-url-slug",
    configVersion: "<value>",
  });

  // Handle the result
  console.log(result);
}

run();

{
  "ownerId": "<string>",
  "projectKey": "<string>",
  "id": "<string>",
  "version": 123,
  "updatedAt": "<string>",
  "firewallEnabled": true,
  "crs": {
    "sd": {
      "active": true,
      "action": "deny"
    },
    "ma": {
      "active": true,
      "action": "deny"
    },
    "lfi": {
      "active": true,
      "action": "deny"
    },
    "rfi": {
      "active": true,
      "action": "deny"
    },
    "rce": {
      "active": true,
      "action": "deny"
    },
    "php": {
      "active": true,
      "action": "deny"
    },
    "gen": {
      "active": true,
      "action": "deny"
    },
    "xss": {
      "active": true,
      "action": "deny"
    },
    "sqli": {
      "active": true,
      "action": "deny"
    },
    "sf": {
      "active": true,
      "action": "deny"
    },
    "java": {
      "active": true,
      "action": "deny"
    }
  },
  "rules": [
    {
      "id": "<string>",
      "name": "<string>",
      "description": "<string>",
      "active": true,
      "conditionGroup": [
        {
          "conditions": [
            {
              "type": "host",
              "op": "re",
              "neg": true,
              "key": "<string>",
              "value": "<string>"
            }
          ]
        }
      ],
      "action": {
        "mitigate": {
          "action": "deny",
          "rateLimit": {
            "algo": "fixed_window",
            "window": 123,
            "limit": 123,
            "keys": [
              "<string>"
            ],
            "action": "deny"
          },
          "redirect": {
            "location": "<string>",
            "permanent": true
          },
          "actionDuration": "<string>",
          "bypassSystem": true
        }
      }
    }
  ],
  "ips": [
    {
      "id": "<string>",
      "hostname": "<string>",
      "ip": "<string>",
      "notes": "<string>",
      "action": "deny"
    }
  ],
  "changes": [
    {}
  ],
  "managedRules": {}
}

Endpoints

Authorizations

Path Parameters

Query Parameters

Response