Package com.oracle.bmc.waas.model

Class ProtectionSettings.Builder

    • Constructor Detail

      • Builder

        public Builder()

    • Method Detail

      • blockAction

        public ProtectionSettings.Builder blockAction​(ProtectionSettings.BlockAction blockAction)
        If action is set to BLOCK, this specifies how the traffic is blocked when detected as malicious by a protection rule.

        If unspecified, defaults to SET_RESPONSE_CODE.

        Parameters:
        blockAction - the value to set
        Returns:
        this builder

      • blockResponseCode

        public ProtectionSettings.Builder blockResponseCode​(Integer blockResponseCode)
        The response code returned when action is set to BLOCK, blockAction is set to SET_RESPONSE_CODE, and the traffic is detected as malicious by a protection rule.

        If unspecified, defaults to 403. The list of available response codes: 400, 401, 403, 405, 409, 411, 412, 413, 414, 415, 416, 500, 501, 502, 503, 504, 507.

        Parameters:
        blockResponseCode - the value to set
        Returns:
        this builder

      • blockErrorPageMessage

        public ProtectionSettings.Builder blockErrorPageMessage​(String blockErrorPageMessage)
        The message to show on the error page when action is set to BLOCK, blockAction is set to SHOW_ERROR_PAGE, and the traffic is detected as malicious by a protection rule.

        If unspecified, defaults to ‘Access to the website is blocked.’

        Parameters:
        blockErrorPageMessage - the value to set
        Returns:
        this builder

      • blockErrorPageCode

        public ProtectionSettings.Builder blockErrorPageCode​(String blockErrorPageCode)
        The error code to show on the error page when action is set to BLOCK, blockAction is set to SHOW_ERROR_PAGE, and the traffic is detected as malicious by a protection rule.

        If unspecified, defaults to 403.

        Parameters:
        blockErrorPageCode - the value to set
        Returns:
        this builder

      • blockErrorPageDescription

        public ProtectionSettings.Builder blockErrorPageDescription​(String blockErrorPageDescription)
        The description text to show on the error page when action is set to BLOCK, blockAction is set to SHOW_ERROR_PAGE, and the traffic is detected as malicious by a protection rule.

        If unspecified, defaults to Access blocked by website owner. Please contact support.

        Parameters:
        blockErrorPageDescription - the value to set
        Returns:
        this builder

      • maxArgumentCount

        public ProtectionSettings.Builder maxArgumentCount​(Integer maxArgumentCount)
        The maximum number of arguments allowed to be passed to your application before an action is taken.

        Arguements are query parameters or body parameters in a PUT or POST request. If unspecified, defaults to 255. This setting only applies if a corresponding protection rule is enabled, such as the “Number of Arguments Limits” rule (key: 960335).

        Example: If maxArgumentCount to 2 for the Max Number of Arguments protection rule (key: 960335), the following requests would be blocked: GET /myapp/path?query=one&query=two&query=three POST /myapp/path with Body {"argument1":"one","argument2":"two","argument3":"three"}

        Parameters:
        maxArgumentCount - the value to set
        Returns:
        this builder

      • maxNameLengthPerArgument

        public ProtectionSettings.Builder maxNameLengthPerArgument​(Integer maxNameLengthPerArgument)
        The maximum length allowed for each argument name, in characters.

        Arguements are query parameters or body parameters in a PUT or POST request. If unspecified, defaults to 400. This setting only applies if a corresponding protection rule is enabled, such as the “Values Limits” rule (key: 960208).

        Parameters:
        maxNameLengthPerArgument - the value to set
        Returns:
        this builder

      • maxTotalNameLengthOfArguments

        public ProtectionSettings.Builder maxTotalNameLengthOfArguments​(Integer maxTotalNameLengthOfArguments)
        The maximum length allowed for the sum of the argument name and value, in characters.

        Arguements are query parameters or body parameters in a PUT or POST request. If unspecified, defaults to 64000. This setting only applies if a corresponding protection rule is enabled, such as the “Total Arguments Limits” rule (key: 960341).

        Parameters:
        maxTotalNameLengthOfArguments - the value to set
        Returns:
        this builder

      • recommendationsPeriodInDays

        public ProtectionSettings.Builder recommendationsPeriodInDays​(Integer recommendationsPeriodInDays)
        The length of time to analyze traffic traffic, in days.

        After the analysis period, WafRecommendations will be populated. If unspecified, defaults to 10.

        Use GET /waasPolicies/{waasPolicyId}/wafRecommendations to view WAF recommendations.

        Parameters:
        recommendationsPeriodInDays - the value to set
        Returns:
        this builder

      • isResponseInspected

        public ProtectionSettings.Builder isResponseInspected​(Boolean isResponseInspected)
        Inspects the response body of origin responses.

        Can be used to detect leakage of sensitive data. If unspecified, defaults to false.

        *Note:** Only origin responses with a Content-Type matching a value in mediaTypes will be inspected.

        Parameters:
        isResponseInspected - the value to set
        Returns:
        this builder

      • maxResponseSizeInKiB

        public ProtectionSettings.Builder maxResponseSizeInKiB​(Integer maxResponseSizeInKiB)
        The maximum response size to be fully inspected, in binary kilobytes (KiB).

        Anything over this limit will be partially inspected. If unspecified, defaults to 1024.

        Parameters:
        maxResponseSizeInKiB - the value to set
        Returns:
        this builder

      • allowedHttpMethods

        public ProtectionSettings.Builder allowedHttpMethods​(List<ProtectionSettings.AllowedHttpMethods> allowedHttpMethods)
        The list of allowed HTTP methods.

        If unspecified, default to [OPTIONS, GET, HEAD, POST]. This setting only applies if a corresponding protection rule is enabled, such as the “Restrict HTTP Request Methods” rule (key: 911100).

        Parameters:
        allowedHttpMethods - the value to set
        Returns:
        this builder

      • mediaTypes

        public ProtectionSettings.Builder mediaTypes​(List<String> mediaTypes)
        The list of media types to allow for inspection, if isResponseInspected is enabled.

        Only responses with MIME types in this list will be inspected. If unspecified, defaults to [“text/html”, “text/plain”, “text/xml”].

        Supported MIME types include:

        - text/html - text/plain - text/asp - text/css - text/x-script - application/json - text/webviewhtml - text/x-java-source - application/x-javascript - application/javascript - application/ecmascript - text/javascript - text/ecmascript - text/x-script.perl - text/x-script.phyton - application/plain - application/xml - text/xml

        Parameters:
        mediaTypes - the value to set
        Returns:
        this builder