当前内容仅提供英语版本,中文版我们将尽快补充,感谢您的理解。

ModifyWebSecurityTemplate

1. API Description

Domain name for API request: teo.intl.tencentcloudapi.com.

This API is used to modify the security policy configuration template.

A maximum of 20 requests can be initiated per second for this API.

We recommend you to use API Explorer
Try it
API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

2. Input Parameters

The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

Parameter NameRequiredTypeDescription
ActionYesStringCommon Params. The value used for this API: ModifyWebSecurityTemplate.
VersionYesStringCommon Params. The value used for this API: 2022-09-01.
RegionNoStringCommon Params. This parameter is not required.
ZoneIdYesStringZone ID. The zone to which the target policy template belongs for access control. Use the DescribeWebSecurityTemplates interface to query the zone of the policy template.
TemplateIdYesStringPolicy template ID.
TemplateNameNoStringModified policy template name. Consists of Chinese characters, letters, numbers, and underscores, cannot start with an underscore, and must not exceed 32 characters. If the field is empty, no modification will be made.
SecurityPolicyNoSecurityPolicySecurity policy template configuration content. If the value is empty, no modification will be made; submodule structures not passed in will not be modified. Currently supports exception rules, custom rules, rate limiting rules, and managed rule configurations in the Web Security module, using expression syntax for security policy configuration. Bot management rule configuration is not yet supported (under development).
Special note: When passing a submodule structure as input, ensure all rule content to be retained is included. Rule content not passed in will be treated as deleted.

3. Output Parameters

Parameter NameTypeDescription
RequestIdStringThe unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem.

4. Example

Example1 Modifying a Policy Template Name

This example shows you how to modify the name of the template temp-cuwgt1ca under the site zone-2wkpkd52pku2 to "Web Protection Standard Template V2".

Input Example

POST / HTTP/1.1
Host: teo.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: ModifyWebSecurityTemplate
<Common request parameters>

{
    "ZoneId": "zone-2wkpkd52pku2",
    "TemplateId": "temp-cuwgt1ca",
    "TemplateName": "Web protection standard template V2"
}

Output Example

{
    "Response": {
        "RequestId": "09ce3d28-1119-49cd-d5a9-27cb34dac669"
    }
}

Example2 Modifying Policy Template Configuration Content

This example shows you how to modify the configuration content of the temp-cuwgt1ca Template under the zone-2wkpkd52pku2 site.

Input Example

POST / HTTP/1.1
Host: teo.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: ModifyWebSecurityTemplate
<Common request parameters>

{
    "ZoneId": "zone-2wkpkd52pku2",
    "TemplateId": "temp-cuwgt1ca",
"TemplateName": "Security template_rename"
    "SecurityPolicy": {
        "CustomRules": {
            "Rules": [
                {
                    "Action": {
                        "Name": "Deny"
                    },
                    "Condition": "${http.request.host} in ['111']",
                    "Enabled": "on",
                    "Id": "1492837231",
                    "Name": "acl1",
                    "Priority": 35,
                    "RuleType": "PreciseMatchRule"
                },
                {
                    "Action": {
                        "Name": "Deny"
                    },
                    "Condition": "${http.request.headers['referer']} in ['123']",
                    "Enabled": "on",
                    "Id": "1492837231",
                    "Name": "iptable1",
                    "Priority": 1,
                    "RuleType": "BasicAccessRule"
                }
            ]
        },
        "ExceptionRules": {
            "Rules": [
                {
                    "Condition": "${http.request.uri.path} in ['/api/v3/test','/api/v3/submit'] ",
                    "Enabled": "on",
                    "Id": "1492837231",
                    "ManagedRuleGroupsForException": [

                    ],
                    "ManagedRulesForException": [
                        "4401215074",
                        "4368124487"
                    ],
                    "Name": "SampleSkipManagedRuleForField",
                    "RequestFieldsForException": [
                        {
                            "Scope": "cookie",
                            "TargetField": "key",
                            "Condition": ""
                        }
                    ],
                    "SkipOption": "SkipOnSpecifiedRequestFields",
                    "SkipScope": "ManagedRules",
                    "WebSecurityModulesForException": [

                    ]
                }
            ]
        },
        "HttpDDoSProtection": {
            "AdaptiveFrequencyControl": {
                "Action": {
                    "ChallengeActionParameters": {
                        "ChallengeOption": "JSChallenge"
                    },
                    "Name": "Challenge"
                },
                "Enabled": "on",
                "Sensitivity": "Loose"
            },
            "BandwidthAbuseDefense": {
                "Action": {
                    "Name": "Monitor"
                },
                "Enabled": "off"
            },
            "ClientFiltering": {
                "Action": {
                    "ChallengeActionParameters": {
                        "ChallengeOption": "JSChallenge"
                    },
                    "Name": "Challenge"
                },
                "Enabled": "on"
            },
            "SlowAttackDefense": {
                "Action": {
                    "Name": "Deny"
                },
                "Enabled": "off",
                "MinimalRequestBodyTransferRate": {
                    "CountingPeriod": "60s",
                    "Enabled": "off",
                    "MinimalAvgTransferRateThreshold": "80bps"
                },
                "RequestBodyTransferTimeout": {
                    "Enabled": "off",
                    "IdleTimeout": "5s"
                }
            }
        },
        "ManagedRules": {
            "AutoUpdate": {
                "AutoUpdateToLatestVersion": "on"
            },
            "DetectionOnly": "on",
            "Enabled": "on",
            "ManagedRuleGroups": [
                {
                    "Action": {
                        "Name": "Monitor"
                    },
                    "GroupId": "wafgroup-webshell-attacks",
                    "MetaData": {
"GroupDetail": "Webshell detection and protection"
"GroupName": "Webshell detection protection"
                        "RuleDetails": [
                            {
"Description": "This rule intercepts malicious obfuscated PHP Webshell"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-05-16T03:02:25Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "Protection against php code injection and webshell upload attacks"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2019-04-03T08:25:00Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "This rule intercepts malicious function call features in ASP Webshell and JSP Webshell"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-05-16T03:04:30Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "This rule intercepts the login password feature in Webshell"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-01-10T09:39:02Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "Detection rule targeting the default_json transport protocol of Ice Scorpion"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-07-28T06:24:01Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "Protection rule against asp.net webshell, based on asp.net webshell tag features"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-01-19T09:12:31Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "Targets webshell write features appearing in headers"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-03-31T09:37:39Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "This rule intercepts suspicious function calls in webshells"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-01-12T07:29:50Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "This rule intercepts high-risk function call features in PHP Webshell"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-05-16T03:06:10Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "This rule intercepts the behavior of variable definition in PHP Webshell"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-06-13T03:55:11Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "This rule blocks webshell files based on connection features of some commonly used webshell tools"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-08-13T06:35:48Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "Protect against java code injection and jsp webshell upload attacks"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2017-11-01T08:53:30Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "Detection rule against the default_image transport protocol of Ice Scorpion"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-07-28T06:24:25Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "This rule intercepts sensitive string features that may appear in webshells"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-01-10T09:43:16Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "Protect against webshell attacks and detect sensitive variable usage in $_GET/$_POST"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2018-11-28T06:51:52Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "This rule detects malicious obfuscated webshells"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-01-12T07:33:55Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "This rule intercepts Webshells with suspicious encoded character strings"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-01-12T07:21:46Z",
                                "Tags": [

                                ]
                            }
                        ]
                    },
                    "RuleActions": [

                    ],
                    "SensitivityLevel": "strict"
                },
                {
                    "Action": {
                        "Name": "Monitor"
                    },
                    "GroupId": "wafgroup-xss-attacks",
                    "MetaData": {
"GroupDetail": "Cross-site scripting protection"
"GroupName": "xss Cross-Site Scripting Protection"
                        "RuleDetails": [
                            {
"Description": "Strict xss rules targeting scenarios with html tag injection"
                                "RiskLevel": "low",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-03-23T05:32:56Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "This rule intercepts HTML injection via the data pseudo-protocol"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-06-20T06:26:44Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protect against flash xss attacks in xss attacks, detect access requests for swf files that can call sensitive functions"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2018-04-18T06:37:44Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protect against xss attacks by targeting sensitive tags and their attributes in HTTP request cookie fields, such as attack patterns like <script src=xxx>/<iframe src=javascript:xxx>"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-06-24T12:35:37Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Disguises protocol characteristics based on javascript, intercepts GET request parameters, and leverages javascript pseudo-protocol for xss behavior"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-07-22T03:07:14Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "This rule intercepts sensitive pseudo-protocol call features in XSS attacking"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-11-22T12:31:05Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protection rule against Ecommerse-1.0 xss vulnerability"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-11-30T08:47:05Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "Intercept attack patterns that call multiple pseudo-protocols within the same HTML tag"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-08-09T02:41:51Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protection against the javascript pseudo-protocol in xss"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-04-01T03:47:49Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protection against some xss-specific attack probes"
                                "RiskLevel": "low",
                                "RuleId": "1492837231",
                                "RuleVersion": "2024-11-19T06:37:27Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "Protects against sensitive events and JS functions during xss attacks, such as onload=xxx and document.cookie"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2019-01-03T07:36:29Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "This rule intercepts attackers bypassing attacks by encoding browser pseudo-protocols as entities and other methods"
                                "RiskLevel": "low",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-10-25T12:34:40Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "In moderate protection mode, defend against common reflected/stored XSS attacks"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-08-17T08:25:13Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "For scenarios targeting xss vulnerability exploitation in js environment output points, such as using ;new Function(atob(` to execute malicious js code"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2020-12-28T06:29:01Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protects against reflection/stored XSS attacks in upload requests"
                                "RiskLevel": "low",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-08-17T08:23:02Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Targeting xss vulnerability type, this rule covers newly-added on events used for executing javascript operations."
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-01-18T08:14:05Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protection rule to block attempts using the <isindex> tag for XSS exploitation"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-11-30T08:43:55Z",
                                "Tags": [

                                ]
                            },
                            {
"Description": "protect against flash xss attacks"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2017-11-01T03:03:57Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protect against xss attacks, detect attackers performing sensitive operations such as pop-up verification via alert/prompt calls or adding malicious DOM nodes."
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2018-01-02T02:05:19Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protects against attackers leveraging XSS vulnerabilities for probing"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-04-02T08:25:47Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Encode entities in the cookie field of an HTTP request to bypass XSS attacks targeting sensitive operations"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-06-24T09:24:55Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Strict xss rule, protection rule against some special encoding"
                                "RiskLevel": "low",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-03-23T12:45:22Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protect against xss attacks, detect attackers attempting to inject external JS scripts by calling getScript/CreateElement functions for sensitive operations"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2018-01-02T02:09:14Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protects against sensitive tags and their sensitive attributes in xss attacks, such as attack patterns like <script src=xxx>/<iframe src=javascript:xxx>"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2019-12-31T07:48:29Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Detect attack patterns like data uri/base64 in xss attacking by targeting the cookie field in HTTP requests"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-06-24T10:09:09Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protection rule against some client-side prototype chain pollution probe requests"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-09-03T09:26:42Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Interception rule against specific xss probing payloads in strict mode"
                                "RiskLevel": "low",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-11-10T08:57:34Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Detect attack patterns in xss data uri/base64"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2017-09-01T03:18:36Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Strict xss rule targeting predefined global variables in js"
                                "RiskLevel": "low",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-03-23T05:33:41Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Strict xss rules targeting scenarios where css executes javascript in IE"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-03-23T04:58:47Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protect against malicious XSS vulnerability detection behavior"
                                "RiskLevel": "low",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-03-23T13:17:23Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protects against XSS attacks leveraging angularjs features"
                                "RiskLevel": "medium",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-04-06T06:21:17Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protection against XSS attacks bypassing entity encoding"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2018-01-02T02:21:34Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "In loose mode, xss protection rule"
                                "RiskLevel": "extreme",
                                "RuleId": "1492837231",
                                "RuleVersion": "2020-12-07T02:45:26Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Block attack patterns that call multiple pseudo-protocols within the same HTML tag"
                                "RiskLevel": "high",
                                "RuleId": "1492837231",
                                "RuleVersion": "2021-08-09T02:40:05Z",
                                "Tags": [
                                    "owasp"
                                ]
                            },
                            {
"Description": "Protection rules against some historic XSS attack vectors"
                                "RiskLevel": "low",
                                "RuleId": "1492837231",
                                "RuleVersion": "2022-05-16T09:28:20Z",
                                "Tags": [
                                    "owasp"
                                ]
                            }
                        ]
                    },
                    "RuleActions": [

                    ],
                    "SensitivityLevel": "strict"
                }
            ],
            "SemanticAnalysis": "off"
        },
        "RateLimitingRules": {
            "Rules": [
                {
                    "Action": {
                        "Name": "Deny"
                    },
                    "ActionDuration": "20h",
                    "Condition": "${http.request.uri.path} in ['/api/v3/test','/api/v3/submit']",
                    "CountBy": [
                        "http.request.ip",
                        "http.request.cookies['UserSession']"
                    ],
                    "CountingPeriod": "2m",
                    "Enabled": "on",
                    "Id": "1492837231",
                    "MaxRequestThreshold": 1000,
                    "Name": "SampleHttpDdosRule",
                    "Priority": 100
                }
            ]
        }
    }
}

Output Example

{
    "Response": {
        "RequestId": "09ce3d28-1119-49cd-d5a9-27cb34dac669"
    }
}

5. Developer Resources

SDK

TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

Command Line Interface

6. Error Code

The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

Error CodeDescription
InvalidParameter.SecurityInvalid parameter.
edgeone Logo
Copyright © 2013-2025 Tencent Cloud. All Rights Reserved.