Add custom rules

In this example, you create a new custom rule to protect your application against SQL injection threats.

run.ts
import { Vercel } from '@vercel/sdk';

const vercel = new Vercel({
  bearerToken: process.env.VERCEL_TOKEN,
});

async function insertCustomRule() {
  await vercel.security.updateFirewallConfig({
    projectId: "your-project-id",
    requestBody: {
      action: "rules.insert",
      id: null, // null for new rules
      value: {
        active: true,
        name: "Block SQL Injection Attempts",
        description: "Block requests with SQL injection patterns in query parameters",
        conditionGroup: [
          {
            conditions: [
              {
                op: "inc", // Contains
                type: "query",
                value: "SELECT",
              },
            ],
          },
        ],
        action: {
          mitigate: {
            action: "deny",
            rateLimit: null,
            redirect: null,
            actionDuration: null,
          },
        },
      },
    },
  });
}

insertCustomRule()

Modify existing rules

In this example, you update an existing custom rule’s configuration. This is useful When you need to programmatically adjust conditions, actions, or status of an existing rule.

run.ts
import { Vercel } from "@vercel/sdk";

const vercel = new Vercel({
  bearerToken: process.env.VERCEL_TOKEN,
});

async function updateExistingRule() {
  await vercel.security.updateFirewallConfig({
    projectId: "your-project-id",
    teamId: "your-team-id", //Not required
    requestBody: {
      action: "rules.update",
      id: "existing-rule-id", //You can find the id from Read Firewall Configuration endpoint
      value: {
        active: true,
        name: "Updated Rule Name",
        description: "Updated rule description",
        conditionGroup: [
          {
            conditions: [
              {
                op: "pre",
                type: "path",
                value: "/admin",
              },
            ],
          },
        ],
        action: {
          mitigate: {
            action: "challenge", // Changed from previous setting
            rateLimit: null,
            redirect: null,
            actionDuration: null,
          },
        },
      },
    },
  });
}

updateExistingRule()

Delete custom rules

In this example, you delete an existing custom rule.

run.ts
import { Vercel } from "@vercel/sdk";

const vercel = new Vercel({
  bearerToken: process.env.VERCEL_TOKEN,
});

async function deleteRule() {
  await vercel.security.updateFirewallConfig({
    projectId: "your-project-id",
    requestBody: {
      action: "rules.delete",
      id: "rule-to-delete-id", //You can find the id from Read Firewall Configuration endpoint
      value: null, // No value needed for deletion
    },
  });
}

deleteRule()